Ubuntu - URL-CMD - password restrictions?
A lightweight and easy-to-use password manager
Brought to you by:
dreichl
Menu
▾
▴
Hello,
My system:
Ubuntu 17.10 with Keepass2 2.36 (from official Ubuntu repositories).
Problem:
I'm trying to mount an encrypted container via the URL-CMD-function and veracrypt. I noticed so far some undocumented(?) password/char set restrictions:
Quotations (" and ') and backslashes in passwords are making troubles.
Quotations trigger an error (invalid data) and backslashes are handled as an escape order, so just disappear and making the password false.
Workaround:
Adjust the password and escape these characters with backslash.
Example:
URL:
cmd://veracrypt --mount {S:fFilepath} -p {PASSWORD} --pim='{S:#pim}' --fs-options=X-mount.mkdir=0700 {S:mPoint}Real password not working:
\123'4"5Adjusted, working password:
\\123\'4\"5Any ideas what to adjust (preferably not the password itself)?
I'm also curious, how this is working on Windows.
Thanks and best regards,
Florian
I just tested the URL with plain password input without placeholder on Windows and that also didn't worked. So the Windows version of Keepass appears to process escaping stuff automatically on URL execution.
So this may be the right solution to the Linux/Ubuntu version too.
Best regards,
Florian
Last edit: Florian Schwarz 2017-12-22
Try escaping the entire password, that's what you have to do in Windows.
e.g. URL: cmd://veracrypt --mount {S:fFilepath} -p '{PASSWORD}' --pim='{S:#pim}' --fs-options=X-mount.mkdir=0700 {S:mPoint}
cheers, Paul
You mean frame the placeholder in apostrophes? Not working.
I tested some configurations and here are the results:
M: Mount successful
E: Error message (s. above)
W: Wrong password / password prompt
*: Adjusted Password
So sometimes Keepass is parsing {Password} right, sometimes not. In Ubuntu not at all.
Best regards,
Florian
Edit: Maybe I should mention, that veracrypt help in Ubuntu is telling:
So the results with quotes and apostrophes shouldn't be that surprising.
Last edit: Florian Schwarz 2017-12-22
What do you get if you echo the command line to the console? Does the password show up as expected?
cheers, Paul
I'm not quite sure, how to let Keepass open a visible bash so I piped stdout into a file:
Not working: Error (Invalid data)
With password 1234 it's working and I can see the password in test_kp.txt...
Best regards,
Florian
Last edit: Florian Schwarz 2017-12-23
May be interesting, why this wouldn't work with quote: https://unix.stackexchange.com/questions/187651/how-to-echo-single-quote-when-using-single-quote-to-wrap-special-characters-in/187654#187654
Seems Linux doesn't like quotes on the command line, so a text conversion may work for you.
{T-REPLACE-RX:!{PASSWORD}![\"']!\$0!}
https://keepass.info/help/base/placeholders.html#texttrf
cheers, Paul
Apparently Mono requires an additional special character encoding; I've implemented this as a workaround now.
Here's the latest development snapshot for testing:
https://keepass.info/filepool/KeePass_171223.zip
Thanks and best regards,
Dominik
Thanks, latest snapshot worked with the actual password.
Any ideas, when this will be in the official repos?
Best regards,
Florian
The usual answer is "when it's ready". :)
cheers, Paul