/t/ - Technology

Discussion of Technology

Options Max message length: 8000 Drag files to upload or click here to select them Max file size: 32.00 MB Max files: 5 Supported file types: GIF, JPG, PNG, WebM, OGG, and more
E-mail (used to delete files and postings) No flaggentoo

 The backup domain is located at 8chan.se. .cc is a third fallback. TOR access can be found here, or you can access the TOR portal from the clearnet at Redchannit 2.0. Please be aware of the Site Fallback Plan! In case outages in Eastern Europe affect site availability, we will work to restore service as quickly as possible. WE ARE PLANNING THE 2.8 SITE UPGRADE FOR THIS WEEKEND, MONDAY EVENING 6-27. DOWNTIME WILL BE BRIEF, AND THEN WE HUNT FOR BUGS. (Estamos planeando la actualización del sitio 2.8 para este fin de semana, del lunes 6 al 27 por la tarde o por la noche en CST. El tiempo de inactividad será breve y luego buscaremos errores.) 8chan.moe is a hobby project with no affiliation whatsoever to the administration of any other "8chan" site, past or present.

Board Nuking Issue should be resolved. Apologies for any missing posts.

Password Managers Anonymous 06/01/2021 (Tue) 17:14:56 No. 4278
Ok it's time to get a password manager. It has to be open source, free and without any cloud crap because I trust nobody. Which PM do you anons use? Which KeepAss is better? There's the OG, X and XC now. Is there any way to extend my PM to android manually without any company getting their hands on my database? Let's discuss.
Use pass. https://www.passwordstore.org/ It's a password manager, it does one thing and one thing only: manage passwords. Want a GUI? Use a separate program. Want browser integration? Use a browser plugin. Want a searchable menu that lets you copy and paste a password into any prompt? Get dmenu or rofi and glue something together in a shell script. There is a nice selection of stuff built on top of pass on the website. The cool part is that since pass does only one thing it's much easier to reason about it. And since anything beyond just managing passwords sits atop of pass instead of being built it, it's much easier to swap out those things.
>>4283 This is what I use too. Desktop integration with rofi-pass is great, pass-otp manages OTP nicely, and the Password Store android app works great, too, and supports autofill in a lot of apps.
I still use kpcli. There's probably something better out there but I'm too lazy to switch at this point.
>>4283 >Use pass. What benefits does it offer over KeePassXC? >it does one thing and one thing only: manage passwords. Want a GUI? Use a separate program. Want browser integration? Use a browser plugin. Want a searchable menu that lets you copy and paste a password into any prompt? Get dmenu or rofi and glue something together in a shell script. Those are all benefits for the software dev, not for the end user. Why would I want to manage all those extra programs? KeePassXC has a perfectly fine UI, and I don't care about browser integration or autocomplete or any of that other stuff
>>5665 lol, i used to do this shit with my one-and-only-password-for-everything and called it a solution. but it never occurred to my nigger brain to do it to auto-generated passwords too, nice
I just use a bunch of files as passwords you just need to convert the byte stream to plaintext
>>5671 >pajeet linux
>>5671 >lua #!/bin/bash tr -cd '[:print:]' <"$1" | tail -c${2:-32} usage: \$ get-bytes.sh "filename.jpg" 69 # 69 chars also >kali >l33t h4x0r bash prompt >gui file manager lol picrel >>5672 do pajeets main kali? it seems more like a 90's skiddies OS, considering parrotOS is the new hotness for haxoring into mainframes. when they're not busy telling us they use arch btw, that is
>>5674 >l33t >doesnt even know basic security shell commands are completely visible and cached anyone can just run a debugger like strace and see your password long after youve called it the point of using lua or any secondary interpreter is to prevent internals from being visible, lua is just more practical because it embeds nativley in c where you can overwrite the memory address multiple times to make sure its gone
>>5681 >shell commands are completely visible and cached stdout isn't cached, just the fact that you invoked the script and the filename >implying invoking a lua script on the command line is different than invoking other commands on the command line nigger are you for real >the point of using lua or any secondary interpreter is to prevent internals from being visible >it embeds natively in c where you can overwrite the memory address multiple times to make sure its gone do you even have confirmation that lua scrubs its memroy before exiting? or are you just saying "C can do this"? <tr and tail are fucking C programs do you even know how to use a shell? and let me guess, you fucking copy-paste your passwords into input fields, using your clipboard like a retard goddamn, skiddie stereotype confirmed