This is part 3 of a multi-part article. Part 1 is available here, part 2 is available here. Part 1 discusses the importance of complex passwords and also discusses some ways to create them in Linux. Part 2 covers the KeepassX, a program with a very nice graphical user interface. In part 3, takes a look at the gpass program which is a nice graphical user interface for the gnome desktop (will work on others too).

gpass

GPass is the password manager for GNOME2 desktop, released under the GNU GPL licence. The password collection is stored in an encrypted (Blowfish) file, protected by a master-password.

Feature

• Encryption is done using the Blowfish algorithm and SHA-1 hash.
• Variated edit feature. (Drag and drop, undo / redo, etc...)
• Quick-search facility.
• The built-in password generator helps you generate secure passwords.

Requirements

Require

• Linux
• GNOME2
• Mhash
• Mcrypt

Suggest

• check: for unit test

INSTALLATION

I would recommend that you use the package repositories and installation methods for your specific distribution to install gpass. In the event that a package does not exist or is not available, then you can install by source code or via svn. I will only cover the source code install in this article.

First, you will need to download the source code and save it to your computer.

After you have the source code downloaded, you will need to extract it:

[code]
tar xzfv gpass-0.5.1.tar.gz
[/code]

Next, change into the gpass directory:

[code]
cd gpass*
[/code]

Issue the configure command:

[code]
./configure
[/code]

Followed by make:

[code]
make
[/code]

Finally, make install:

[code]
make install
[/code]

The application is now installed.

RUNNING GPASS

You can either select the menu icon if one was created, or if not, just issue the gpass command from a shell, terminal, alt + F2, or whichever method you normally manually start applications.

When gpass is first run, the following sequence of application windows will appear (I will comment these as needed above the images):

In the next image, we select a master password that it takes to unlock the application. This should be a secure password because if this password is ever compromised, then your entire password database can be compromised.

In the following image, it tells us the database created will reside in ~/.gpass/passwords.gps

Clicking on the Add button brings up the Add password screen below.

Selecting Generate from the previous screen (image above) brings up the next image where you can customize and automatically generate passwords based on the criteria you select.

Whenever possible, you should always have special characters in your passwords.

The image below shows and example generated password for a length of 8 using all criteria selected.

A 12 character password using all criteria selected.

An example password entry screen showing test data entered. I used the 12 character generated password in the previous screen.

After an entry is made, you are returned back to the main application window. Selecting a password entry will give basic information on the right hand side of the screen, however, the password is still hidden.

If you select a password and then select the execute button, it will open the url in a browser you configure in the preferences window under the Launcher tab.

The preferences window.

Selecting the Edit drop down menu from the main application window brings up these options. If you have a password entry highlighted, you can copy the user name to the clipboard, the password to the clipboard, or both to the clipboard. You can also edit the entry.

SUMMARY

gpass is a nice graphical user interface for password management under the gnome desktop (and others). It is simply easy to use (not complex). However, I feel that when it comes to desktop and gui based password managers, keepassx is the clear winner for the simple fact it is compatible with other operating systems and is extensible via the plugins available for it. On the other hand, if all you use is linux and you want something that is quick, gpass may be just what you are looking for.