Bug#956558: ITP: ylva -- command line password manager
Package: wnpp
Severity: wishlist
Owner: Francisco Vilmar Cardoso Ruviaro <francisco.ruviaro@riseup.net>
* Package name : ylva
Version : 1.5
Upstream Author : Niko Rosvall <niko@byteptr.com>
* URL : https://github.com/nrosvall/ylva
* License : MIT
Programming Lang: C
Description : command line password manager
Password management belongs to the command line, deep into the Unix
heartland, the shell. Ylva makes managing passwords easy and secure.
It's a traditional command line software written in C. Ylva is very
portable and should run fine on most Unix-like operating systems.
Ylva is mainly developed on Linux.
.
Command line password manager is useful. You may choose to run it on
a remote server to make your passwords available remotely (over SSH
etc.). No need to sync your password database between machines.
.
Ylva uses OpenSSL (or LibreSSL) for encryption. For password database
SQLite is used. Ylva encrypts the database using AES with 256 keys.
Encrypted database is authenticated using HMAC. For key generation
PKBDF2-SHA256 is used with 200 000 iterations.
.
Ylva does not stay running, so possible plain text passwords are not
in memory except for a very short while. For example, running command
ylva --auto-encrypt --list-all would list all the password entries,
encrypt the database and then exit. Plain text passwords will be in
memory only couple of seconds. This makes it very hard for malware
to steal them.
.
When the database is decrypted, it's readable only by the owner
(chmod 600). Ylva does that automatically for the database file
so you don't have to change the permissions.
Reply to: