展示HN:Keepr – 一个安全的离线开源命令行密码管理器
嗨,HN,
我制作了Keepr,这是一个简单的离线命令行密码管理器,专为喜欢将秘密保存在本地并完全在终端中工作的开发者设计。
所有数据都存储在一个加密的SQLCipher数据库中,由主密码保护。一个限时会话在您工作时保持保险库解锁,因此您不需要不断重新输入密码。Keepr从不连接网络。
它包含添加、查看、搜索、更新和删除条目的命令,以及一个安全的密码生成器和剪贴板支持。
技术细节:
- 通过SQLCipher使用AES-256加密
- 使用PBKDF2-HMAC-SHA256(1.2M次迭代)来派生密钥加密密钥(KEK)
- KEK解密存储的主加密密钥(PEK),该密钥用于加密保险库
- 会话文件在过期之前保存PEK
GitHub: [https://github.com/bsamarji/Keepr](https://github.com/bsamarji/Keepr)
PyPI: [https://pypi.org/project/Keepr/](https://pypi.org/project/Keepr/)
我非常希望能收到一些反馈、批评或任何问题,特别是在用户体验或安全性方面!
感谢您的关注!
查看原文
Hi HN,<p>I made Keepr, a simple offline CLI password manager for developers who prefer keeping secrets local and working entirely in the terminal.<p>Everything is stored in an encrypted SQLCipher database, protected by a master password. A time-limited session keeps the vault unlocked while you work, so you don’t need to re-enter the password constantly. Keepr never touches the network.<p>It includes commands to add, view, search, update, and delete entries, plus a secure password generator and clipboard support.<p>Technical details:<p>- AES-256 via SQLCipher<p>- PBKDF2-HMAC-SHA256 (1.2M iterations) for deriving the KEK<p>- KEK decrypts a stored PEK, which encrypts the vault<p>- Session file holds the PEK until expiry<p>GitHub: <a href="https://github.com/bsamarji/Keepr" rel="nofollow">https://github.com/bsamarji/Keepr</a><p>PyPI: <a href="https://pypi.org/project/Keepr/" rel="nofollow">https://pypi.org/project/Keepr/</a><p>I would love some feedback, criticism or any questions, especially on UX or security!<p>Thanks for looking!