Rust-Freepass: freepass — The free password manager for power users.

NOTE: this is pretty much abandoned, I recommend Bitwarden now. There is an export command in the CLI that produces CSV suitable for import into Bitwarden.

NOTE: if you've been using freepass before June 03, 2017: you need to checkout the serde-migration git tag, build the CLI, and mergein your vault into a new one using that particular version.

freepass unlicense

The free password manager for power users.

X11 screencast gif

What's going on?

  • A password manager.
  • Based on the Master Password algorithm, generates the same passwords as the Master Password apps.
  • But wait, there's more! Why stop at passwords? It generates...
    • Ed25519 digital signature keys for...
      • OpenSSH: Freepass adds private keys directly to a running ssh-agent & exports public keys in OpenSSH format!
      • signify: Freepass signs files & exports public keys in signify format!
      • TODO SQRL
    • Raw 256-bit keys for symmetric ciphers.
    • TODO BIP39-compatible passphrases.
  • Yes, all of the above is derived from your master password and full name, you can always recover it by entering the same data!
  • The generator settings (site names, counters) are stored in vault files:
    • Serialized into CBOR.
    • Encrypted with NaCl secretbox for each entry + AES for the whole file.
    • (Keys are derived from the master password like the generated passwords.)
    • Every time you save a vault file, its size changes randomly. That's a feature. Some random junk is added to make it a bit harder to count how many passwords you have without opening the file.
  • You can also store passwords and text in these vault files (for stuff that can't be generated).
  • You can merge two vault files (e.g. from sync conflicts).
  • You can import KeePass 2 (kdbx) files.

How?

  • Freepass is written in the Rust programming language and uses libsodium as the crypto library.
  • Very modular code, easy to audit.
    • You can separately check that the core library does everything correctly, and that the user interface passes your data to the core library, not to an evil server.
  • Some parts were written as completely separate Rust crates:
  • Completely free software: public domain / Unlicense.

Where?

Freepass is (going to be) available on different platforms:

  • cli: for UNIX-like systems
  • A desktop GUI and mobile apps will be available in the future.

Each version has its own README!

Contributing

By participating in this project you agree to follow the Contributor Code of Conduct.

The list of contributors is available on GitHub.

License

This is free and unencumbered software released into the public domain. For more information, please refer to the UNLICENSE file or unlicense.org.

Comments

  • Support for SSH private key print.
    Support for SSH private key print.

    Dec 1, 2015

    Right now I can print the public key from freepass, or add the private key to ssh-agent. Are there any plans to allow printing the private key as well? I want to be able to export the keys for use but right now I have to do it in a round about way. Is this an option you are considering adding?

    Reply
  • please add compiled version with description
    please add compiled version with description

    Jul 2, 2017

    i checked the released tab but you only have "serde-migration". i wanted to use it but i need to compile it? it would be much nicer to just have it built.

    Reply
  • remove needless byteorder::Error & update cli Cargo.lock
    remove needless byteorder::Error & update cli Cargo.lock

    Mar 26, 2016

    screenshot_20160327_000443

    https://github.com/BurntSushi/byteorder/commit/e429dfb9ccb74e32c5f1800a20318ea2162ef262

    Reply
  • add missing newlines in signify output tests
    add missing newlines in signify output tests

    Feb 2, 2016

                                                                                                                                                                                                           
    Reply
  • Counter must be 1 to follow spec.
    Counter must be 1 to follow spec.

    Dec 2, 2015

    The spec on the master password website mistakenly declared '0' as the default counter value. As per this issue it is confirmed that none of the algorithms implemented in the official applications use 0. While It's annoying to have to change passwords, I think it is better to update to the actual behaviour of master password applications. Fixes issue #5 if merged.

    Reply
  • Fix unix_socket dependency on osx
    Fix unix_socket dependency on osx

    Nov 15, 2015

                                                                                                                                                                                                           
    Reply
  • Demo GIF Not Found error
    Demo GIF Not Found error

    Jun 26, 2017

    The screencast gif linked in the readme appears to have been deleted. Could you please re-upload it?

    Reply
  • Consider dual licensing
    Consider dual licensing

    Nov 16, 2015

    Not all legislations allow releasing code to the public domain, nor recognize the UNLICENSE as valid. To solve this, you should consider dual licensing your project. This would allow the user to choose which license to use. Maybe a possible alternative is the MIT license (see https://github.com/BurntSushi/fst, which is dual-licensed under MIT and the UNLICENSE).

    See this stack exchange question for details about the problems with UNLICENSE.

    Reply
  • thread panic with interact subcommand
    thread panic with interact subcommand

    Aug 7, 2017

    To reproduce:

    cd freepass/cli
    cargo build --release
    strip target/release/freepass 
    mv target/release/freepass /usr/local/bin
    RUST_BACKTRACE=1 freepass interact
    

    Expected output: interactive repl displayed Actual output:

    thread 'main' panicked at 'Option file not found', src/main.rs:139:16                       
    stack backtrace:
       0: <unknown>
       1: <unknown>
       2: <unknown>
       3: <unknown>
       4: <unknown>
       5: <unknown>
       6: <unknown>
       7: <unknown>
       8: <unknown>
       9: <unknown>
      10: __libc_start_main
      11: <unknown>
    

    Notes: help subcommand works though, so that's helpful.

    Reply
  • Compilation on rustc 1.12.1 and 1.14.0-nightly fails
    Compilation on rustc 1.12.1 and 1.14.0-nightly fails

    Nov 8, 2016

    Doing a cargo update before cargo build leads to the following error:

    Compiling freepass-core v0.0.0 (file:///some/path/freepass/core)
    error[E0053]: method `lookup` has an incompatible type for trait
       --> some/path/freepass/core/src/attachments.rs:121:6
        |
    121 |      fn lookup(&mut self, _req: &Request, parent: u64, name: &Path, reply: ReplyEntry) {
        |      ^ expected struct `std::ffi::OsStr`, found struct `std::path::Path`
        |
        = note: expected type `fn(&mut attachments::Attachments, &fuse::Request<'_>, u64, &std::ffi::OsStr, fuse::ReplyEntry)`
        = note:    found type `fn(&mut attachments::Attachments, &fuse::Request<'_>, u64, &std::path::Path, fuse::ReplyEntry)`
    
    error[E0053]: method `mknod` has an incompatible type for trait
       --> /some/path/freepass/core/src/attachments.rs:226:6
        |
    226 |      fn mknod(&mut self, _req: &Request, parent: u64, name: &Path, mode: u32, _rdev: u32, reply: ReplyEntry) {
        |      ^ expected struct `std::ffi::OsStr`, found struct `std::path::Path`
        |
        = note: expected type `fn(&mut attachments::Attachments, &fuse::Request<'_>, u64, &std::ffi::OsStr, u32, u32, fuse::ReplyEntry)`
        = note:    found type `fn(&mut attachments::Attachments, &fuse::Request<'_>, u64, &std::path::Path, u32, u32, fuse::ReplyEntry)`
    
    error[E0053]: method `mkdir` has an incompatible type for trait
       --> /some/path/freepass/core/src/attachments.rs:235:6
        |
    235 |      fn mkdir(&mut self, _req: &Request, parent: u64, name: &Path, mode: u32, reply: ReplyEntry) {
        |      ^ expected struct `std::ffi::OsStr`, found struct `std::path::Path`
        |
        = note: expected type `fn(&mut attachments::Attachments, &fuse::Request<'_>, u64, &std::ffi::OsStr, u32, fuse::ReplyEntry)`
        = note:    found type `fn(&mut attachments::Attachments, &fuse::Request<'_>, u64, &std::path::Path, u32, fuse::ReplyEntry)`
    
    error[E0053]: method `create` has an incompatible type for trait
       --> /some/path/freepass/core/src/attachments.rs:243:6
        |
    243 |      fn create(&mut self, _req: &Request, parent: u64, name: &Path, mode: u32, flags: u32, reply: ReplyCreate) {
        |      ^ expected struct `std::ffi::OsStr`, found struct `std::path::Path`
        |
        = note: expected type `fn(&mut attachments::Attachments, &fuse::Request<'_>, u64, &std::ffi::OsStr, u32, u32, fuse::ReplyCreate)`
        = note:    found type `fn(&mut attachments::Attachments, &fuse::Request<'_>, u64, &std::path::Path, u32, u32, fuse::ReplyCreate)`
    
    error: aborting due to 4 previous errors
    
    error: Could not compile `freepass-core`.
    
    To learn more, run the command again with --verbose.
    

    Steps to reproduce

    git clone https://github.com/myfreeweb/freepass.git
    cd freepass
    git submodule update --init libsodium rusterpassword
    cd "cli"
    cargo update
    cargo build --release
    
    Reply
  • Consider 0.x.y version numbers
    Consider 0.x.y version numbers

    Nov 8, 2016

    For making distro packages, it would be great if you could provide some kind of version incrementing. Having '0.0.0' for every published version doesn't reflect any differences in the builds. If you follow semver, the 0.x.y releases are fine for an unstable product.

    Reply
  • Support for KeePass(X) keyring?
    Support for KeePass(X) keyring?

    Nov 23, 2015

    Oh, this project is awesome!

    I was wondering if support for KeePass(X) was listed in your road map!

    Reply