•  

Self-hosted Password Manager

0
0
3:13 PART 1 - Preparing the Server
07:04 PART 2 - Yubikey setup
13:00 PART 3 - Generating PGP Keys
17:32 PART 4 - Installing pass
21: 51 PART 5 - Dynamic DNS
28:11 PART 6 - Mobile access

*** HOME ROUTER: you need to port forward port 22 to your server's IP (PART 5)

# The Standard Unix Password Manager
https://www.passwordstore.org/

# Getting a domain from a DNS Hosting Service
https://bitcointv.com/w/3mNk2hz5XbYDX3WHb9hixf?start=1m8s

# GPG/PGP Series
https://bitcointv.com/w/p/bCuBWZh4ZdVbvdYJM8vmbW

# Yubikey Series
https://bitcointv.com/w/p/dhyWSopjPbkTqB5UanWL7G


### PART 1 ###

# Get Ubuntu server for rpi
releases.ubuntu.com

$ sudo adduser --disabled-password --gecos "" p
$ sudo nano /etc/hostname


### PART 2 ###

# Install packages
$ sudo apt install scdaemon yubikey-manager libpam-yubico libpam-u2f libu2f-udev

# Turn-off touch for encryption subkey
$ ykman openpgp set-touch enc off

# Script for restarting PC/SC Smart Card Daemon
---------------------------------------------------------
#!/bin/bash
sudo systemctl restart pcscd
---------------------------------------------------------

# Service for restarting PC/SC Smart Card Daemon on boot
---------------------------------------------------------
[Unit]
Description=Restart PC/SC Smart Card Daemon
[Service]
ExecStart=/usr/local/sbin/restart-pcscd.sh
[Install]
WantedBy=multi-user.target
---------------------------------------------------------

### PART 3 ###

# Generate PGP Certifying Key
$ gpg --expert --full-generate-key

# Issue subkey for encryption
$ gpg --expert --edit-key key_ID

# Flash subkey into yubikey
$ gpg --edit-key key_ID

# Export public key
$ gpg --export key_ID

# Encode pubkey into qr codes
$ sed -n x,yp pub.key | qr


### PART 4 ###

# Setup PASS
$ sudo apt install pass
$ gpg --fingerprint
$ pass init key_fingerprint

# Set alias in .bashrc
alias forget='gpgconf --kill gpg-agent'
$ source .bashrc


### PART 5 ###

# Free DNS hosting provider
desec.io

$ sudo apt install ddclient

# sudo systemctl status ddclient.service
daemon=1

sudo nano /etc/ddclient.conf
---------------------------------------------------------
daemon=300
protocol=dyndns2
use=cmd, cmd='curl https://checkipv4.dedyn.io'
ssl=yes
server=update.dedyn.io
login=my-domain
password=''
my-domain
---------------------------------------------------------

alias forget='gpgconf --kill gpg-agent'


### PART 6 ###

# termux
$ pkg upgrade
$ pkg install openssh
$ ssh-keygen -t rsa -b 4096

-----
Donations addr:
bc1qny4am3clu0gcsq3hvja4vcdhwd529hgmnlavfh
No comments yet...
Log in to comment
0 0 0
2024-02-08

Self-Hosted SimpleX Chat

00:55 PART 1 - Building SimpleX From Source 07:23 PART 2 - Configuring the SMP & XFTP Servers 16:07 …
0 0 0
2023-10-07

LINUX TUTORING

Don´t even know how or where to install Linux? That's OK. Absolute beginners welcome! Contact: 402P…
0 0 0
2023-09-14

Keet Peer as Data Relay

02:13 PART 1 - Preparing The Raspberry Pi 09:38 PART 2 - Install Keet 16:32 PART 3 - Remote Access …
0 0 0
2023-08-12

SOCKS5 Proxies

12:08 PART 1 - VPS SETUP 13:50 PART 2 - INSTALL DANTE 18:41 PART 3 - CLIENT AUTHENTICATION 21:12 PAR…
0 0 0
2023-07-28

Tor Snowflake Proxy

1:24 PART 1 - Server Setup 3:42 PART 2 - Snowflake Proxy Snowflake https://snowflake.torproject.org…
0 0 0
2023-07-22

Shadowsocks

01:45 PART 1 - Server Setup 03:37 PART 2 - Cliet Setup 04:50 PART 3 - Firefox & Tor Browser 09:30 PA…

402 Payment Required

Security. Privacy. Digital self-sovereignty. Bitcoin. Don't trust. Verify. A786 CA10 5A72 50D7 96BF…

Log in to Follow

More episodes from 402 Payment Required

Top Podcasts Top rated Podcasts