Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Cryptopus is a ruby on rails web application for storing and sharing passwords and other sensitive data. All data is stored encrypted in a database, safe from third party access.
Ruby CSS Shell JavaScript
Branch: master

switch from rvmrc to ruby-version

latest commit b00b547ae8
pascal simon authored

README.textile

Welcome to Cryptopus

Cryptopus is a ruby on rails web application for storing and sharing passwords and other sensitive data. All data is stored encrypted in a database, safe from third party access.

Copyright © 2009 Andreas Zuber, Simon Josi, Marcel Härry, Martin Gafner and Markus Tschannen

This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.

You should have received a copy of the GNU Affero General Public License along with this program. If not, see http://www.gnu.org/licenses/.

Features

  • Store usernames, passwords and further descriptions
  • Attach files
  • Data will be encrypted, including the attachments
  • There is no shared master password
  • Users can form groups
  • Passwords can be shared within groups
  • LDAP authentication
  • Autologout

Warning!

Please remember that putting all your passwords together in a database and making this database accessible over the internet might be a relevant security threat. The passwords and keys are only as safe as the host that is running cryptopus and the SSL-secured connections (never use an unencrypted connection!), as well (and this is the most important point) as the strength of your main password.

So calculate the risk this setup might pose and choose a good password. Cryptopus won’t make your passwords more secure! It simply gives you the possibility to manage them in a nice way, store them in a safe manner and share them with other people if you wish to do so.

Under no circumstances can we ever be held liable for password theft, lost passwords or any other inconvenience caused by using cryptopus. Please read this paragraph three more times, it’s important!

Requirements

  • Ruby 1.9.3
  • rvm
  • bundle
  • mysql-server
  • libmysqlclient-dev
  • optional: LDAP as a user directory

Installation Notes

Download

git clone git://github.com/puzzle/cryptopus.git

Ruby

Install RVM (see https://rvm.io/rvm/install)
rvm install 1.9.3
rvm use 1.9.3
rvm gemset create cryptopus
cd cryptopus
bundle

Database

set up database: mysql> create database cryptopus_production;
mysql> grant all on cryptopus_production.* to 'cryptopus'@'localhost' identified by 'mypass'

The database.yml file reads ist settings from the environment variables. For development create a config file like this
which you can source “cryptopus.env” source cryptopus.env.

alias rails='bundle exec rails'
export PATH=/opt/ruby-1.9.3/bin:$PATH
export RAILS_ENV=production
export RAILS_DB_NAME='cryptopus_production'
export RAILS_DB_USERNAME='cryptopus'
export RAILS_DB_PASSWORD='mypass'
export RAILS_DB_ADAPTER='mysql2'
export RAILS_DB_HOST='dbserver.example.com'
export RAILS_DB_PORT='3306'

To deploy in production, you can set the variables for apache in your vhost:

SetEnv RAILS_ENV production
SetEnv RAILS_DB_NAME 'cryptopus_production'
SetEnv RAILS_DB_USERNAME 'cryptopus'
SetEnv RAILS_DB_PASSWORD 'mypass'
SetEnv RAILS_DB_ADAPTER 'mysql2'
SetEnv RAILS_DB_HOST 'dbserver.example.com'
SetEnv RAILS_DB_PORT '3306'

initialize database: rake db:migrate
start server: scripts/server
log into app with user root, first used password will be set automatically as password for this user

Mock + RPM + Puppet

If you have a mock buildserver you can build an RPM of cryptopus with the script in the config/rpm directory

BUILD_NUMBER=1 config/rpm/build_rpm.sh

You can integrate this in Jenkins if you want. This RPM can then be deployed with the Puppet Manifests found here:

http://puppet-modules.git.puzzle.ch/?p=module-rubyapps.git

This Puppet class automaticaly deploys the vhost configuration including environment variables needed for the database.

Contact Information

Cryptopus was made by the guys at Puzzle ITC. Please go to http://www.puzzle.ch/ in order to get in touch with us.

Something went wrong with that request. Please try again.