[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#956558: ITP: ylva -- command line password manager

Package: wnpp
Severity: wishlist
Owner: Francisco Vilmar Cardoso Ruviaro <francisco.ruviaro@riseup.net>

* Package name    : ylva
  Version         : 1.5
  Upstream Author : Niko Rosvall <niko@byteptr.com>
* URL             : https://github.com/nrosvall/ylva
* License         : MIT
  Programming Lang: C
  Description     : command line password manager

 Password management belongs to the command line, deep into the Unix
 heartland, the shell. Ylva makes managing passwords easy and secure.
 It's a traditional command line software written in C. Ylva is very
 portable and should run fine on most Unix-like operating systems.
 Ylva is mainly developed on Linux.
 Command line password manager is useful. You may choose to run it on
 a remote server to make your passwords available remotely (over SSH
 etc.). No need to sync your password database between machines.
 Ylva uses OpenSSL (or LibreSSL) for encryption. For password database
 SQLite is used. Ylva encrypts the database using AES with 256 keys.
 Encrypted database is authenticated using HMAC. For key generation
 PKBDF2-SHA256 is used with 200 000 iterations.
 Ylva does not stay running, so possible plain text passwords are not
 in memory except for a very short while. For example, running command
 ylva --auto-encrypt --list-all would list all the password entries,
 encrypt the database and then exit. Plain text passwords will be in
 memory only couple of seconds. This makes it very hard for malware
 to steal them.
 When the database is decrypted, it's readable only by the owner
 (chmod 600). Ylva does that automatically for the database file
 so you don't have to change the permissions.

Reply to: