Installation[edit]

Recommended to be installed inside an offline VM (vault). ^[1] When you want to keepassxc as replacement for Google Authenticator (actually TTOP, Time based One Time Password) Two Factor Authentication (2FA)) then a Debian based VM is more suitable than a Whonix-Workstation ™ based VM. ^[2]

Packages yubikey-personalization yubikey-personalization-gui are YubiKey related. Users not using YubiKey can skip installation of these packages and install keepassxc only.

sudo apt-get update

sudo apt-get dist-upgrade

sudo apt-get install keepassxc yubikey-personalization yubikey-personalization-gui

^[3]

Autostart[edit]

Optional. If you like to autostart keepassxc.

Create folder ~/.config/autostart/.

mkdir -p  ~/.config/autostart/

Open ~/.config/autostart/keepassxc.desktop in an editor as a regular, non-root user.

mousepad ~/.config/autostart/keepassxc.desktop

nano ~/.config/autostart/keepassxc.desktop

Paste the following content.

[Desktop Entry]
Type=Application
Name=keepassxc
Exec=keepassxc

Save.

The process is now complete.

Usage[edit]

To start.

keepassxc

First run question: either answer is ok.

Create a new database.

Default file name Passwords.kdbx is ok.

If you are using Full Disk Encryption you might want to use a very easy password. Up to you.

Left click one time on root

Then go to menu → entries → Add new entry → any name name as test → ok

right click on test → time based on time password → set up TOTP → Default → paste 2FA code → ok

right click on test again → time based on time password → show TOTP

Time Fix[edit]

2FA TTOP code changes every 30 seconds. So clock needs to be reasonable correct.

Troubleshoting only. If code does not match.

Set timezone to UTC for simplicity.

sudo cp /usr/share/zoneinfo/Etc/UTC /etc/localtime

Go to https://www.timeanddate.com/worldclock/timezone/utc ^[archive] or any other similar source to find out the time in UTC.

Fix the click. Change the date and time accordingly!

sudo date -s "26 SEPT 2018 11:54:25"

Check if the clock is correct now.

date

Footnotes[edit]

Search engines: YaCy | Qwant | ecosia | MetaGer | peekier

Follow:

Donate:

Share: Twitter | Facebook

This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation. Policy of Whonix Website and Whonix Chat applies.

Copyright (C) 2012 - 2020 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee ^[archive] of the Open Invention Network ^[archive]. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)

Whonix ™ is a derivative of and not affiliated with Debian ^[archive]. Debian is a registered trademark ^[archive] owned by Software in the Public Interest, Inc ^[archive].

Whonix ™ is produced independently from the Tor® ^[archive] anonymity software and carries no guarantee from The Tor Project ^[archive] about quality, suitability or anything else.

By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent. Whonix ™ is provided by ENCRYPTED SUPPORT LP. See Imprint, Contact.