_ _
__ _| |_| | ___ __ __ _ ___ _ __ ___ __ _ _ __
/ _` | __| |/ / '_ \ / _` / __| '_ ` _ \ / _` | '_ \
| (_| | |_| <| |_) | (_| \__ \ | | | | | (_| | | | |
\__, |\__|_|\_\ .__/ \__,_|___/_| |_| |_|\__,_|_| |_|
|___/ |_|
-----------
What is it?
-----------
It is a graphical interface to manage the usage of passwords related to servers
or services, grouped by customers (plateforms, etc.) The purpose is to provide
system and network administrators a convenient tool to manage a passwords
knowledge base related to customers, servers, services... It can help to
retrieve passwords, or even connect to servers (ssh, telnet, ftp...) Unix, C
compiler, GTK+ libraries are required in addition to gnupg. Passwords must be
kept in a gnupg crypted file. The structure of the file is predefined, but
very easy to edit and maintain.
---------------
What is needed?
---------------
- C compiler
- GTK+ libraries (gtkpasman v>0.9 need versions 2 or 3.x)
- gnupg (pgp should work)
------------------------
Where does it come from?
------------------------
gtkpasman was a project based on gpasman (project of Olivier Sessink) The RC2
crypted method has been replaced by calls to gnupg. The encryption is now
external to the application.
As the 'Eye view' and its menus have been removed, the application is now
completely distinct.
-----------------
How does it work?
-----------------
Typical use:
- Edit a password file (see format below)
- crypt the password file with your gpg key:
gpg --encrypt --no-encrypt-to --recipient YOURKEYID gpasman4.sample
- remove uncrypted file
- launch gtkpasman:
gtkpasman gpasman4.sample.gpg
Buttons under the list of accounts on servers, help you to connect:
- you can have the password copied in the paste buffer. (Convenient if you
just want to enter it in an HTTP, ldap, or any kind of authentication)
- launching xterm-like program of your choice; just point a server or a user
on a service in the list, and you are connected, paste password with
middle-clic or paste shortcut and you are in.
- alternately, you can just launch an xterm, if you use ssh keys and do not
need to enter passwords for some servers. gtkpasman just helps you to group
servers by customers in this case
- when multiple selection is made, gtkpasman tries to launch a specific
command for ssh targets, so that you can use multiplexers programs like
cluster-ssh (cssh) on your selection.
There is also a search field to find out a server/group/customer in the list.
The password file should contain one line per password; The format of a line
in the encrypted file must be the same as the following:
- ";" is the separator
- spaces at start and end are allowed
- empty fields are allowed
- no separator is required for the last field (password)
- field names are in order:
customer, group, server, service, serviceplus, user, password
A sample file:
see src/gpasman4.sample
This file would give a represented tree like this :
+customer1
+Group 1
| +srvA
| | +ssh
| | +root2
| +srvB
| +ssh
| +root
+Group 2
+srvC
+ssh
+root
+customer2
+Group 1
+srvD
+ssh
+root
+acc
+customer3
+Group A
+srvE
| +ssh
| +port 322
| +root
+srvF
+ssh
+port 322
+root