Syncthing solves this problem for me without my keyring being exposed to any outside servers.
Cybersecurity
c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.
THE RULES
Instance Rules
- Be respectful. Everyone should feel welcome here.
- No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
- No Ads / Spamming.
- No pornography.
Community Rules
- Idk, keep it semi-professional?
- Nothing illegal. We're all ethical here.
- Rules will be added/redefined as necessary.
If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.
Learn about hacking
Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected]
Notable mention to [email protected]
wooo didn't know about that. I'm going to read about it. If it doesn't require a home server, it suits my needs
Turns out this was exactly what I needed. I have no idea Syncthing was a thing. So, thanks a lot.
Syncthing is great. Servers are overrated anyway, I would rather everything be peer-to-peer wherever possible. Currently working on a script to integrate calcurse with DecSyncCC so I can keep my calendar synced between my laptop and phone without a server!
This is my solution as well.
I use KeePass and keep my database in the cloud. I use a key file that is never stored in the cloud in addition to my master password. You get a cloud backup of your database, and updates will sync to your devices if your cloud provider has a client that does that.
I actually don't sync it directly to my phone. I download a copy as needed. I also don't add passwords on my phone to my main database. I use a separate database for logins I create on my phone and import them once in a while on my PC. This is because Google Drive's sync on Android has been unreliable for me, though I haven't tried again in years.
I use KeePass DX on Android because it has a nice virtual keyboard so you don't have to use the clipboard, which is insecure. It also has a better UI with fingerprint unlocking.
I keep mine in the cloud but I also have a key file attached to it. That is not kept in the cloud so at least I have some security if the cloud service gets hacked and my password is 57 characters long.
I get it. But if I have to carry the key file everywhere to every device, I can just carry the database file.
There are two advantages of using the cloud for the database while keeping a key file out of it.
- It's a backup that's not on any of your own devices.
- Your devices sync with little effort. Save the file on one device, and the others have the new database automatically (when using common cloud storage providers that sync)
Understandable. I don't go very many places so this way is most convenient for me. For your situation I'm not real sure what would be the best practice for you, but I will be keeping an eye on this thread if someone has a better answer
I thought the better KDF was Argon2d because it's stronger against GPU attacks.
Does it have to be in "the cloud" or just accessible multiple places? I have a nextcloud instance running that's locked down but allows sharing with my android phone. For other computers it's on a network share and if off site I can connect over Wireguard to my home network to get access.
It does not have to. But I kinda hate sysadmin stuff, so I'm looking for convenience.