[CentOS] KeePassX replacement

Phil Perry pperry at elrepo.org
Sat Sep 16 15:05:12 UTC 2017 

On 16/09/17 11:55, Tom Longfield wrote:
> I have been using KeePassXC (though mostly on Debian) for quite a while 
> now and am happy to report it works well.  Nothing springs to mind that 
> annoys me and it's a decent drop in replacement.
> My setup sounds pretty similar to your own (also use keepass2android, 
> though not KeePass on Windows).
> 
> I would be inclined to compile from source yourself rather than use an 
> unofficial repo you have no reason to trust for such a sensitive 
> application.
> 
> I'm not trying to besmirch the good name of 
> copr.fedorainfracloud.org/bugzy but I've never heard of them and if you 
> hadn't either that would give me pause for thought before I let their 
> binaries at my passwords.
> 

I'm in a similar position presently, evaluating at password manager apps 
and had also come across that KeePassXC build.

I briefly installed the above package to evaluate and also intend to 
rebuild it for my own use. Another concern for me was the use of the 
'centos' dist tag when the package clearly isn't a 'centos' package. 
I've got as far as confirming the validity of the source tarball in the 
SRPM and checking the SPEC file. Everything looks fine, but as 
previously mentioned I would still rebuild such a sensitive package for 
my own use.

The only other potential issue I see is that the latest KeePassXC 
requires a newer version of libgcrypt, which the repo above packages as 
libgcrypt16 (libgcrypt version 1.6.6) on el7. The release of 1.6 broke 
ABI compatibility with version 1.5 in el7. I have not tried building 
KeePassXC against libgcrypt-1.5 in el7 to know if that is viable.


> On Fri 15 Sep 2017 @ 21:43, H wrote:
>> I have been using the KeePassX password manager on CentOS 6 and 7 for 
>> some time and it works pretty well. On my Windows machine I use 
>> KeePass which offers a number of features missing from KeePassX, I 
>> also sync the database between several machines, including Android 
>> units where I use keepass2android. Database compatibility is thus 
>> required.
>>
>> KeePassX, however, does not seem to be maintained any more, the last 
>> update was just a bit less than a year ago. It also has some annoying 
>> bugs, including where switching keyboards on the computer corrupts the 
>> username and the password if they include any character outside the 
>> ASCII range.
>>
>> There seems to be a community fork called KeePassXC and I would like 
>> to ask if anyone is using this password manager? It is not in EPEL, 
>> nor in any other standard repository, only through an unofficial 
>> repository at https://copr.fedorainfracloud.org/coprs/bugzy/keepassxc/,
>>

More information about the CentOS mailing list