# MyPasswordSafe being sunset by qt3 sunset

## depontius

Years back, Bruce Schneier wrote a program called "pwsafe" to store passwords.  It was a command-line thing, and recognized that security is not easy, and it's easy to leak information when you don't mean to.  There was a Windows port called PasswordSafe, and a Linux port called MyPasswordSafe.  I used the command line version for some time, and began using the GUI version once it became available.

The GUI version was never ported to 64-bit, so since moving there I've always run the 32-bit code.  But now it's masked for removal because it uses qt3.  So it's time to find a new version that is already ported to qt4 or gtk, go back to the command line version, port the existing version to qt4 myself, write some sort of GUI wrapper around the command-line tool, or do something else entirely.  I've got several years worth of passwords in there, and pwsafe does have an --export option, so I guess I could get everything out in a cleartext file.  I don't know how hard that would be to import into another program, though.

Is anyone else in the same boat?

I know that there are a pile of other password programs out there already.

Any security assessments?

Can they import plain text - I presume I can reformat the output of pwsafe's --export, if needed.

How hard is a port from qt3 to qt4, particularly for someone who doesn't know C++?

----------

## nickd

I moved over to KeePassX some time ago, which allowed me to import my pwsafe data files.

http://www.keepassx.org/

KeePassX appears appears to be just as robust and I can also run it on Windows (KeePass) and my Nokia E71 (KeePassJ2ME).

Hope that I'm not stating the bleeding obvious...

----------

## depontius

 *nickd wrote:*   

> I moved over to KeePassX some time ago, which allowed me to import my pwsafe data files.
> 
> http://www.keepassx.org/
> 
> KeePassX appears appears to be just as robust and I can also run it on Windows (KeePass) and my Nokia E71 (KeePassJ2ME).
> ...

 

It doesn't say that it can import .pwsafe.dat files - I hope that's an omission, and not a dropped capability.

Is there an ebuild?  I don't see it in app-crypt, either in base portage or sunrise.

EDIT

A little searching, and it looks like KeePassX is importing the clear-text export of pwsafe.  I may need to fiddle, but I'd still prefer an ebuild.

----------

## AllenJB

app-admin/keepassx (note: only one p!)

----------

## depontius

The version I just installed doesn't import text - only two types of xml or a pwm.  Is there a secret switch or alternate import hidden somewhere?

----------

## keenblade

There is a ruby converter script which you can use. First you have to export to xml with MyPasswordSafe, then use the converter. Google reveals there are lots of scripts for the purpose. Btw, keepassx is great. I am using it for years.

----------

## nickd

Apologies depontius, I'd forgotten that I'd used the Windows version (KeePass) to do my import. That has a whole page of plugins, including one to import.

http://keepass.info/plugins.html

N.

----------

## depontius

I was searching around for alternative converters, since I don't have Ruby currently installed.  In the process I found out about "Password Gorilla", which uses the same database as PasswordSafe, MyPasswordSafe, and pwsafe.  Since pwsafe is a command line client, and since it's always a good idea to have one of those around, I'm going to check out Gorilla first, and see if I can keep the common database.

If I need to, I'll wind up installing Ruby just to do the conversion.

----------

## keenblade

There is a perl script here.

Also if you have wine, you can install keepass for windows. It can import Password Safe database files with PwSafeDBImport plugin, without exporting anything. Then you can use the "windows keepass-1x" database directly with keepassx.

----------

## depontius

I just got back to working with this - actually in a way not gentoo-related.  I've been using gorilla, but now I'm on a company-delivered platform that doesn't have it available.  So I'm back to KeePassX and trying to import my good old ".pwsafe.dat".  I found the perl script you mention, but KeePassX doesn't like the xml it creates.  Later down that thread I found a few fixes to the script, but KeePassX still won't import it.  I have wine installed on a PC at home, so I may have to try that.

Any other conversion scripts in perl, python, ksh, bash, awk, etc?  (No Ruby or php on any of my machines, currently.)

----------

