How to use this thing?
this post was submitted on 30 May 2025
55 points (98.2% liked)
Selfhosted
46653 readers
390 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
founded 2 years ago
MODERATORS
Did you see the Documentation section in the README.md? You basically initialise a password store on your server, and you use an implementation like this to sync (SSH + git) your passwords, which are encrypted via your GPG key.
https://www.passwordstore.org/ has some instructions how to initialise a password store on, for example, your server. Then refer to https://github.com/android-password-store/Android-Password-Store/wiki/First-time-setup to configure the app.
Did you see the Documentation section in the README.md?
Yes, that's why I'm asking.
Is this an alternative to bitwarden and keepass? Is it better in terms of security?
I don't have any experience with bitwarden. The question is what do you want.
I like pass because I can host my password with git, a decentralised storage. I have to manage the key myself.
Anyone know what windows client is able to use GNU pass?
It runs fine in wsl. Admittedly that's not ideal, but may be the best option.
Unfortunately OpenKeyChain is now no longer being developed. It still works.. for now.
APS moved away from OpenKeychain to PGPainless some time ago, from before this fork started. While not perfect either (see https://github.com/agrahn/Android-Password-Store/issues/287), PGPainless is being maintained, and from what I can tell from this APS fork's git log, is automatically bumped via their renovate bot (e.g. https://github.com/agrahn/Android-Password-Store/commit/9a6b596199d7eb87b40b53c4cb111ba7a5b48188)
Omg thank you! I was just starting to look for alternatives
I was too! I almost migrated to Vaultwarden, but I'm very thankful this fork is continuing the original maintainer's work.
Integration with Android
The GnuPG implementation for Android is called OpenKeychain. To configure it, just go to the "key management" menu and import the previously created secret key. The only drawback of OpenKeychain for me personally is that there is no fingerprint unlocking.
The pass implementation for Android is called android-password-store, or simply APS.
Install and launch APS. Before synchronizing the password store, go to the "Settings" menu. There we will need the following items:
-
Git server settings. The resulting URL should be the same as that specified on the repository page on github. Authorization type -OpenKeychain. -
Git utils. In this section, specify the username and email from the gpg key. -
OpenPGP provider. SelectOpenKeychain. -
Autofill.
Now you can clone. Select "clone from server" on the main screen, specify the desired location of the repository, check the git settings.
Of course, pass is not that easy to set up. However, this price buys confidence that the tools we use will not one day be declared obsolete, will not change their data format, and will not be left without support.