Linux Password Manager
This isn't really about Linux password managers, it's more about password managers in general. It seems like everyone is going for "cloud storage" of my passwords. This is nuts. I know they "claim" they are fully encrypted and they don't have access to the passwords, but why should I trust them? These passwords are my life. It's crazy that this has become standard practice in the password manager world.
I use 1Password version 6, because after that they went subscription with MY passwords stored in the cloud with a "promise" that they couldn't decrypt them. I can't get (or find where to get) 1Password 6 for Linux.
I might opt for one of the command line managers. I lose browser extensions, but honestly, those are probably way more insecure than cloud storage.
Oh, and it does have a command line interface!
Yeah, I know...I'm old school as one can be. 😀
It's running on my own server so I don't have to trust some third party to keep their promises. And I get the benefits of running it in the cloud.
BTW: Your blog seems to be missing a title-tag.
You still have browser extensions for auto-fill with things like pass (the GPG-based command-line password manager, https://www.passwordstore.org/). As pass just manages a directory (with optional git repository) of PGP-encrypted files, you can synchronize the password database through any git repository you want (any server with git and ssh will do, but you could use private repo in a 3rd party provider too – since you encrypt the passwords with a key you generated yourself, you may be sure the host cannot decrypt them), and there are compatible clients for mobile platforms too. I use pass with the passff extension on Firefox and the Password Store app on Android.
I didn't play with TFA though.
The best "enterprise-level" commercial application for that purpose that I have seen, unfortunately, is extremely expensive and requires a Windows Server: Mateso Password Safe. https://www.passwordsafe.com/
VeraCrypt... The fork of TrueCrypt, which in turn had a major security flaw that made its encryption easily breakable, which was the reason why the project was abandoned?
Let's state the obvious, gentlemen: All these things will at best protect you from nosy neighbors and script kiddies, but none of them will protect you from your own government. It also doesn't matter whether that information is stored locally or on some cloud storage: The moment you use your credentials, they are being sent over the Internet, and all that Internet traffic --is-- being intercepted at your ISP's core routers. This is not paranoia: since Edward Snowden, all suspicions have been confirmed. For example, here in Germany, all Internet traffic is being routed through DE-CIX in Frankfurt, and all traffic going through there is mirrored - not by German intelligence services, but by US intelligence services. And what the Americans don't intercept, GCHQ in Britain does.
Seriously, we need to be more afraid of our "friendly" government agencies than we should be afraid of Nigerian spammers or Russian or Chinese hackers. The Nigerians are at least only interested in our money, the others want to control our lives.
If not I can recommend Enpass. It's an offline password manager with great browser plugins and you can sync up your encrypted password database to almost any online backup provider (Google Drive, Dropbox, etc). Works great on Linux too. I use the mobile app too which also works great.
Pass is a *nix command line-based password manager. It runs fully locally, so no cloud-based crap. There are some graphical front-ends for it which you could use if you prefer that.
Passff is a browser extension so you can easily access your passwords stored by Pass in the browser.
Installing it will require a bit of work; reference the Git pages or Arch Wiki if you run into issues and for how-tos.
It's awesome and there are Chrome extensions.
I have all my passes on Google Drive stored and synced with all my devices, which use Android, all for $10, but now it seems they have increased the price to 40-50.
It's secure, portable, and easy to use. Only con is you do need to remember to keep it with you if you want to use it on your phone/laptop on the go. But for the added peace of mind knowing your passwords are not likely to show up in bulk in a leak, I think that's a worthwhile tradeoff.
Basically it is a nice GUI for GPG-encrypted textfiles that makes use of the "pass"-utility, that is the very same thing for the terminal.
You can check the status of application Wine compatibility on https://appdb.winehq.org/
Not to hijack this post, but I just want to say congrats on making the jump to Linux. I'm a long time Mac & Windows user (from System 7.1 & Win3.1 onward) but this year I forced myself to transition off both to Linux to avoid using Windows10. I don't want to buy a modern Mac to run modern MacOS. Ubuntu/Debian based Linux distros have been really great for me.
I highly recommend you check out PopOS. I experimented with like 20 different distros before settling on PopOS. The auto-tiling shell is absolutely the best way to get lots of work done with multiple windows. It's so fast and clean and still totally gnome3 based so you can do whatever you'd want.
For home server use I have several SBC and converted chromebooks running DietPi. I totally recommend you checking that out too. It's fantastic for low power/older machines.
Has several options - I personally use bitwarden.
I am rubber, you are glue.
Francesco di Marciare
Simply store your passwords in a hidden directory where you can use subfolders to organize and where every file contains a password encrypted with your GPG key. Shell completion makes it really pleasant to use. So in the end, your passwords are stored using only standard tools (filesystem + gpg), no cloud, no heavy Electron GUI, as KISS as possible :)
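Several comments above rely on the pass store being nothing but GPG-encrypted files, safe to push to any git host. The following is an added example (not code from the post, the commenters or the pass project) that audits a store before a push: it reads the OpenPGP packet headers of every file and reports anything that is plaintext, ASCII-armored, or encrypted to a key other than your own. The function names and the sample key IDs are hypothetical; it assumes binary (non-armored) files, version 3 session-key packets, and that `allowed` holds the long key IDs of your encryption subkeys.

```python
from pathlib import Path

# Constructed sample: PKESK v3 packet for key ID 1122334455667788, then an empty tag-18 packet.
SAMPLE = bytes([0xC1, 12, 3]) + bytes.fromhex("1122334455667788") + bytes([1, 0, 0, 0xD2, 0])

def pkesk_key_ids(data: bytes) -> list[str]:
    """Key IDs from the leading Public-Key Encrypted Session Key packets (RFC 4880, tag 1)."""
    ids, pos = [], 0
    try:
        while pos < len(data) and data[pos] & 0x80:   # bit 7 clear: plaintext or ASCII armor
            hdr = data[pos]
            if hdr & 0x40:                            # new-format packet header
                tag, first = hdr & 0x3F, data[pos + 1]
                if first < 192:
                    length, body = first, pos + 2
                elif first < 224:
                    length, body = ((first - 192) << 8) + data[pos + 2] + 192, pos + 3
                elif first == 255:
                    length, body = int.from_bytes(data[pos + 2:pos + 6], "big"), pos + 6
                else:
                    break                             # partial lengths never start a PKESK
            else:                                     # old-format packet header
                tag, n = (hdr >> 2) & 0x0F, 1 << (hdr & 0x03)
                if n == 8:
                    break                             # indeterminate length
                length, body = int.from_bytes(data[pos + 1:pos + 1 + n], "big"), pos + 1 + n
            if tag != 1:
                break                                 # reached the encrypted data itself
            if data[body] == 3:                       # v3 only: the 8-byte key ID follows
                ids.append(data[body + 1:body + 9].hex().upper())
            pos = body + length
    except IndexError:
        pass                                          # truncated file: keep what was parsed
    return ids

def audit_store(root: Path, allowed: set[str]) -> list[str]:
    """List findings that should block pushing the store to a remote."""
    problems = []
    for path in sorted(root.rglob("*")):
        rel = path.relative_to(root)
        if path.is_dir() or rel.parts[0] == ".git" or rel.name in (".gpg-id", ".gitattributes"):
            continue                                  # repository metadata, not secrets
        ids = set(pkesk_key_ids(path.read_bytes()))
        if path.suffix != ".gpg":
            problems.append(f"{rel}: not a .gpg file")
        elif not ids:
            problems.append(f"{rel}: no public-key recipient (plaintext or armored?)")
        elif not ids <= allowed:
            problems.append(f"{rel}: encrypted to unexpected key {sorted(ids - allowed)}")
    return problems
```

The key ID in these packets is that of the encryption subkey, which `gpg --list-keys --keyid-format long` shows on the `sub` line; files written with hidden recipients carry an all-zero ID and are reported as unexpected.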