Hi, I want to save my KP database to a SSH server, but do not want to enter two passwords when opening that database in KP -- one for the SSH server and one for the KP database itself. Thus I would rather like to store the SSH server's login credentials in KP, so that I only have to provide the DB password.
However, isn't that a security issue?
Where are these URL login credentials saved?
You cannot save the server credentials in the database because you can't connect to the server to open the database to obtain the credentials to connect to the server......
Credentials used in Open URL are saved in KeePass.config.xml. This is not a security issue because the database is still secure, all you are doing is downloading it. You should probably avoid using the same credentials to access other files on your SSH server.
Yes, sure that the credentials are not saved in the database :)
I ment that these credentials are saved locally, unencrypted.
So one with access to the KP config file can access the server via SSH as well ...
Are the KDB and KDBX files as strongly encrypted as a TrueCrypt volume? Or should I store my KeePass databases in a TrueCrypt container just to be safe?
Which is why you only have the database accessible via that login.
KeePass uses AES 256 bit encryption, effectively uncrackable, but you can use a dictionary attach to guess the password. To protect against that KeePass uses encryption rounds.
Log in to post a comment.