diff options
| author | Anne Jan Brouwer <annejan@noprotocol.com> | 2015-11-24 00:12:22 +0100 |
|---|---|---|
| committer | Anne Jan Brouwer <annejan@noprotocol.com> | 2015-11-24 00:12:22 +0100 |
| commit | 71abd820b71a011df1231ac797167ba93fecacc6 (patch) | |
| tree | a5f7ba1375910aa1a1bb39c1bfef4990e25f565d | |
| parent | 02f3485d9a94bee60ae62a3e3216bf91ff442227 (diff) | |
md lint
| -rw-r--r-- | CONTRIBUTING.md | 8 | ||||
| -rw-r--r-- | FAQ.md | 33 | ||||
| -rw-r--r-- | README.md | 31 |
3 files changed, 52 insertions, 20 deletions
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 150ba07a..76ccd97b 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -10,11 +10,13 @@ This document is stil in a very early stage and needs a lot more work. ## Translations -* Add you language to the `qtpass.pro` file under TRANSLATIONS and in the `resources.qrc` file. +* Add you language to the `qtpass.pro` file + under TRANSLATIONS and in the `resources.qrc` file. * Next run the command `lupdate qtpass.pro` which will create the localization files. -* Edit your file with (let's imagine your language is sv_SE (Swedish) `linguist localization/localization_sv_SE.ts` +* Edit your file with (let's imagine your language is sv_SE (Swedish) + `linguist localization/localization_sv_SE.ts` -Qt Linguist has very nice in-context translation options https://doc-snapshots.qt.io/qt5-5.6/linguist-translators.html +Qt Linguist has very nice in-context translation options [for translators](https://doc-snapshots.qt.io/qt5-5.6/linguist-translators.html) ## IRC @@ -1,14 +1,18 @@ -#FAQ +# FAQ ## Issues ### Can't save a password -* Is folder initialised? Easiest way is to use the [Users] button and make sure you can encrypt for someone (eg. yourself) + +* Is folder initialised? Easiest way is to use the [Users] button + and make sure you can encrypt for someone (eg. yourself) * Are you using git? If not, make sure it is switched off. ### I have an issue with GNOME keyring + * Disable GNOME keyring * Create a `~/.gnupg/gpg-agent.conf` containing: + ``` enable-ssh-support write-env-file @@ -17,7 +21,8 @@ default-cache-ttl 600 max-cache-ttl 7200 ``` -Also, the following is useful to add to your .bashrc if you are using Yubikey NEO on Ubuntu: +Also, the following is useful to add to +your .bashrc if you are using Yubikey NEO on Ubuntu: ``` # OpenPGP applet support for YubiKey NEO @@ -31,28 +36,38 @@ fi * More info: [issue 60](https://github.com/IJHack/qtpass/issues/60) and [issue 73](https://github.com/IJHack/qtpass/issues/73) ### I don't get a passphrase / PIN dialog -* You'll need to install pinentry-qt (or -qt4 or -qt5 or even -gtk) and possibly set the full path to that executable in your `~/.gnupg/gpg-agent.conf` for example: `pinentry-program /usr/bin/pinentry-qt4` -* On some esotheric systems it might be necessary to create a symbolic link `/usr/bin/pinentry` to your pinentry application of choice eg: `ln -s /usr/bin/pinentry-qt5 /usr/bin/pinentry` + +* You'll need to install pinentry-qt (or -qt4 or -qt5 or even -gtk) and + possibly set the full path to that executable in your `~/.gnupg/gpg-agent.conf` + for example: `pinentry-program /usr/bin/pinentry-qt4` +* On some esotheric systems it might be necessary to create a symbolic + link `/usr/bin/pinentry` to your pinentry application of choice + eg: `ln -s /usr/bin/pinentry-qt5 /usr/bin/pinentry` ### Where can I ask for help? + * Create an [issue](https://github.com/IJHack/qtpass/) issues on github. * Send an email to [help@qtpass.org](help@qtpass.org) ### Can I import from KeePass, LastPass or X? -* Yes, check [passwordstore.org/#migration](http://www.passwordstore.org/#migration) for more info. + +* Yes, check [passwordstore.org/#migration](http://www.passwordstore.org/#migration) + for more info. ### I don't like the design, what gives? + * It's all on github, clone, change and send a pull request. * Open an issue and point out defects or better yet propose changes. ## How can I help improve QtPass? -###I would like to donate! +### I would like to donate! * Time: * Read [contributing](CONTRIBUTING.md) documentation. * Fork, clone hack and send a pull request. * Find an [issue](https://github.com/IJHack/qtpass/issues) to work on.. - * Participate in our bug bounty, you submit an issue and help us fix it, I send you a bounty. + * Participate in our bug bounty, you submit an issue and help us + fix it, I send you a bounty. * Money: -IJhack takes donations in [bitcoin](https://blockchain.info/address/146dqz8zXn9iNZMv5s7JVqwZKjrmumHBfb) + * IJhack takes donations in [bitcoin](https://blockchain.info/address/146dqz8zXn9iNZMv5s7JVqwZKjrmumHBfb) @@ -1,29 +1,37 @@ -QtPass [](https://travis-ci.org/IJHack/qtpass) [](https://ci.appveyor.com/project/annejan/qtpass/branch/master) +QtPass ====== -QtPass is a GUI for [pass](http://www.passwordstore.org/), the standard unix password manager. +[](https://travis-ci.org/IJHack/qtpass) +[](https://ci.appveyor.com/project/annejan/qtpass/branch/master) +[](https://scan.coverity.com/projects/ijhack-qtpass) + +QtPass is a GUI for [pass](http://www.passwordstore.org/), +the standard unix password manager. Features -------- + * Using pass or git and gpg2 directly * Configurable shoulder surfing protection options * Cross platform: Linux, BSD, OS X and Windows * Per-folder user selection for multi recipient encryption * Multiple profiles -Logo based on https://commons.wikimedia.org/wiki/File:Heart-padlock.svg by AnonMoos. +Logo based on [Heart-padlock by AnonMoos](https://commons.wikimedia.org/wiki/File:Heart-padlock.svg). Installation ------------ + On most systems all you need is: `qmake && make && make install` On Mac OS X: `qmake && make && macdeployqt QtPass.app` -* Currently seems to only work with MacGPG2 +Currently seems to only work with MacGPG2 Security considerations ----------------------- + Using this program will not magically keep your passwords secure against compromised computers even if you use it in combination with a smartcard. @@ -39,6 +47,7 @@ it installed (or at least one that knows how to use a smartcard). To get better protection out of use with a smartcard even against a targeted attack I can think of at least two options: + * The smartcard must require explicit confirmation for each decryption operation. Or if it just provides a counter for decrypted data you could at least notice an attack afterwards, though at quite some effort on your part. @@ -51,22 +60,28 @@ attack I can think of at least two options: Known issues ------------ -* Filtering (searching) breaks the tree/model sometimes -* Starting without a correctly set password-store folder give weird results in the tree view + +* Filtering (searching) breaks the tree/model sometimes +* Starting without a correctly set password-store folder + gives weird results in the tree view * On Mac OS X only the gpgtools MacGPG2 version works with passphrase or PIN Planned features ---------------- + * Re-encryption after users-change (optional of course) * Plugins based on field name, plugins follow same format as password files * Colour coding folders (possibly disabling folders you can't decrypt) * WebDAV (configuration) support * Optional table view of decrypted folder contents -* Opening of (basic auth) urls in default browser? Possibly with helper plugin for filling out forms? -* Some other form of remote storage that allows for accountability / auditing (web API to retrieve the .gpg files?) +* Opening of (basic auth) urls in default browser? + Possibly with helper plugin for filling out forms? +* Some other form of remote storage that allows for + accountability / auditing (web API to retrieve the .gpg files?) Further reading --------------- + [FAQ](FAQ.md) and [CONTRIBUTING](CONTRIBUTING.md) documentation. [Documentation](https://qtpass.org/) |