Welcome to Cryptopus
Cryptopus is a ruby on rails web application for storing and sharing passwords and other sensitive data. All data is stored encrypted in a database, safe from third party access.
Copyright © 2009 Andreas Zuber, Simon Josi, Marcel Härry, Martin Gafner and Markus Tschannen
This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License along with this program. If not, see http://www.gnu.org/licenses/.
- Store usernames, passwords and further descriptions
- Attach files
- Data will be encrypted, including the attachments
- There is no shared master password
- Users can form groups
- Passwords can be shared within groups
- LDAP authentication
Please remember that putting all your passwords together in a database and making this database accessible over the internet might be a relevant security threat. The passwords and keys are only as safe as the host that is running cryptopus and the SSL-secured connections (never use an unencrypted connection!), as well (and this is the most important point) as the strength of your main password.
So calculate the risk this setup might pose and choose a good password. Cryptopus won’t make your passwords more secure! It simply gives you the possibility to manage them in a nice way, store them in a safe manner and share them with other people if you wish to do so.
Under no circumstances can we ever be held liable for password theft, lost passwords or any other inconvenience caused by using cryptopus. Please read this paragraph three more times, it’s important!
- Ruby 1.9.3
- optional: LDAP as a user directory
git clone git://github.com/puzzle/cryptopus.git
Install RVM (see https://rvm.io/rvm/install)
rvm install 1.9.3
rvm use 1.9.3
rvm gemset create cryptopus
set up database:
mysql> create database cryptopus_production;
mysql> grant all on cryptopus_production.* to 'cryptopus'@'localhost' identified by 'mypass'
The database.yml file reads ist settings from the environment variables. For development create a config file like this
which you can source “cryptopus.env”
alias rails='bundle exec rails' export PATH=/opt/ruby-1.9.3/bin:$PATH export RAILS_ENV=production export RAILS_DB_NAME='cryptopus_production' export RAILS_DB_USERNAME='cryptopus' export RAILS_DB_PASSWORD='mypass' export RAILS_DB_ADAPTER='mysql2' export RAILS_DB_HOST='dbserver.example.com' export RAILS_DB_PORT='3306'
To deploy in production, you can set the variables for apache in your vhost:
SetEnv RAILS_ENV production SetEnv RAILS_DB_NAME 'cryptopus_production' SetEnv RAILS_DB_USERNAME 'cryptopus' SetEnv RAILS_DB_PASSWORD 'mypass' SetEnv RAILS_DB_ADAPTER 'mysql2' SetEnv RAILS_DB_HOST 'dbserver.example.com' SetEnv RAILS_DB_PORT '3306'
log into app with user root, first used password will be set automatically as password for this user
Mock + RPM + Puppet
If you have a mock buildserver you can build an RPM of cryptopus with the script in the config/rpm directory
You can integrate this in Jenkins if you want. This RPM can then be deployed with the Puppet Manifests found here:
This Puppet class automaticaly deploys the vhost configuration including environment variables needed for the database.
Cryptopus was made by the guys at Puzzle ITC. Please go to http://www.puzzle.ch/ in order to get in touch with us.