#1624 Encrypted key files

open
nobody
5
2012-11-19
2012-06-21
rgeorge7
No

It would be good to provide the ability to encrypt the individual key files so that the database cannot be opened if someone gains a copy of a key file.

Therefore with a shared database, each user could have a separate copy of the key file encrypted with their own password.
This is standard practice with openssh and is done by using the ssh-keygen utility.

If the current key file format will not allow the option of encryption, perhaps a separate file extension could be proposed. e.g. eky for encrypted key

Discussion

  • Paul
    Paul
    2012-06-22

    An encrypted key file is the same as key file and password. No need for anything extra.

    cheers, Paul

     
  • rgeorge7
    rgeorge7
    2012-06-26

    Not quite the same because shared passwords are inherently insecure because you can't ever be sure who knows the password as they can be easily given out to others without your knowing.

    Anyway, I found a workaround to do this.

    Create a database with a long password.
    Each user starts keepass and opens their own local database encrypted with their own private password.
    They add an entry and put the password in the password field and set the URL to something like:

    cmd://"C:\User\KeePass\KeePass.exe" \\network_path\DMS.kdbx -pw-enc:{PASSWORD_ENC}

    This still is really a shared password, except that it is encrypted within a personal keepass file. A much better solution would be to encrypt the key files with a user's public key. This would then allow you to add or revoke a user's access by creating or deleting their encrypted key files which are created by signing them with the user's public key. Therefore when a user leaves the organisation, the database gets it's password changed and new encrypted key files get generated for all the users. Just a thought.