1 Password Manager Daemon is a server that provides a way for applications to
2 securely store and retrieve data at a centralized location. The data is stored
3 in an XML file and clients connect and send commands to manipulate the data.
5 I needed this because I use a few applications that require the same
6 credentials but hate having to update all those configuration files to reflect
7 any changes. The data file can be edited once with a pwmd client and patched
8 applications can retrieve the updated shared info. See the "Target Attribute"
9 in the documentation for details.
11 Some of the features include:
13 * Multi-threaded. More than one client may access the data at the same
15 * OpenPGP encrypted XML data files via GnuPG with smartcard support
16 * Remote network connctions via libpwmd over GnuTLS or SSH via a proxy
17 * Configuration file which supports file specific settings including:
18 cache expiration, key file and more
19 * Logging to file and/or syslog
20 * Secure memory usage. Pwmd will zero out memory before freeing it and
21 also has the option to lock the entire process in RAM to avoid swapping
22 the data to virtual memory
27 C99 compiler - http://www.gnu.org/software/gcc
28 Has been tested to work. Others should work fine, too.
30 libassuan - ftp://ftp.gnupg.org/gcrypt/libassuan
31 Protocol. Version 2.0.2 or later is required. Version
32 2.1.0 or later is recommended for UDS peer credential
33 checking on OS's other than Linux.
35 libgpg-error - http://www.gnupg.org
36 Error handling. Version 1.18 or later is required.
38 gpg-agent - http://www.gnupg.org
39 Keypair generation, decryption and caching. Version 2.1.8
42 pinentry - http://www.gnupg.org
43 Normally required for passphrase retrieval from gpg-agent.
45 libxml2 - http://xmlsoft.org
46 Required for XML parsing and data manipulation.
48 libgpgme - http://www.gnupg.org
49 For data file crypto operations. Version 1.6.0 or later is
52 libgcrypt - http://www.gnupg.org
53 Cache encryption and hashing. Version 1.5.0 or later is
56 libgnutls - http://www.gnu.org/software/gnutls/
57 For encrypted connections over a TCP network. Version
58 3.3.0 or later. Optional.
63 ./configure && make install
65 Typing 'pwmd' will start the server and wait for connections to
66 ~/.pwmd/socket. Passing --allow-preset-passphrase to gpg-agent is recommended
67 and gpg-agent option --allow-loopback-pinentry is required if using a keyfile
68 or connecting over TLS. These options can be added to the gpg-agent.conf
69 configuration file in the gnupg home directory (~/.pwmd/.gnupg). See the
70 gpg-agent(1) manual page for details about these options and the pwmd
71 documentation for details about the location of the GnuPG home directory.
76 Any program that can connect to a UNIX domain socket will work although using
77 pwmc, a client included with libpwmd, is recommended:
79 echo command | pwmc filename
83 socat UNIX-CONNECT:$HOME/.pwmd/socket -
85 A much more user-friendly full featured client QPwmc is also available. It has
86 a nice Qt GUI and is much easier to use. See http://qpwmc.sourceforge.net/ for
89 Please read pwmd.info manual for protocol commands, syntax and
90 configuration details. A HTML version is also available in doc/pwmd.html.
95 There is a public GIT repository available at repo.or.cz. Anonymous checkouts
98 git clone git://repo.or.cz/pwmd.git
100 git clone https://gitlab.com/bjk/pwmd.git
102 The gitweb interface can be viewed at:
104 http://repo.or.cz/w/pwmd.git
106 https://gitlab.com/bjk/pwmd
111 Please send bug reports, questions or feature requests to
112 https://lists.sourceforge.net/lists/listinfo/pwmd-devel
114 The same for libpwmd may be sent to
115 https://lists.sourceforge.net/lists/listinfo/libpwmd-devel
118 Ben Kibbey <bjk@luxsci.net>
119 http://pwmd.sourceforge.net/