Synchronizing KeePass between Windows and Linux using SVN
November 21, 2010
The Problem: You use KeePass to securely
store unique passwords for all your accounts and need to sync them across Windows and Linux.
You don't want to use the synchronization feature in KeePass 2.x because it only supports FTP, and
the KeePassSync plugin is Windows-only.
The Solution: Use a tool that you're already familiar with and might have a setup
for already: SVN.
SVN will allow you to synchronize your database across an infinite number of machines, but since
the database is a binary-file you should be sure that you only have one copy of
the database open at any one time, otherwise you will run into merging problems.
SVN's lock command provides an easy solution to this problem. Anytime you open
the database you simply acquire the lock so it can't be opened by another machine,
then when you close the database, you release the lock. This solution might be a
problem for some people, but for syncing between the office and home it works great.
For the rest of this article, I'm going to assume that you know how to use SVN to create a repository with your KeePass database in it and how to checkout a copy of your database on each of your machines.
Once you get a checkout on your first machine, I highly recommend setting the "svn:needs-lock" property on your database file. This will automatically switch your database file between read-only and writable when you release and acquire a lock.
svn propset "svn:needs-lock" "*" Database.kdbx svn commit -m "added needs-lock property"
To make this solution work on Windows, you must have the following installed:
- Command-line version of SVN (not just TortoiseSVN). I recommend Slik SVN.
- Microsoft PowerShell, which was first released with Vista, but is also available to download for XP.
In order for the console window to be hidden while waiting for KeePass to exit, you'll need to put this PowerShell script, originally posted here, called Set-Console.ps1, somewhere in your system's PATH. (I recommend C:\Windows):
param ([switch] $hidden)
$code = @'
using System;
using System.Runtime.InteropServices;
public class ConsoleHelper
{
private const Int32 SW_HIDE = 0;
private const Int32 SW_SHOW = 5;
[DllImport("user32.dll")]
private static extern Boolean ShowWindow(
IntPtr hWnd,
Int32 nCmdShow
);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool AllocConsole();
[DllImport("Kernel32.dll")]
private static extern IntPtr GetConsoleWindow();
public static void HideConsole()
{
IntPtr hwnd = GetConsoleWindow();
if (hwnd != IntPtr.Zero)
{
ShowWindow(hwnd, SW_HIDE);
}
}
public static void ShowConsole()
{
IntPtr hwnd = GetConsoleWindow();
if (hwnd != IntPtr.Zero)
{
ShowWindow(hwnd, SW_SHOW);
}
}
}
'@
[ConsoleHelper] > $null
$ch = [ConsoleHelper]
trap {
# Get an instance of the CSharp code provider
$cp = new-object Microsoft.CSharp.CSharpCodeProvider
# And compiler parameters...
$cpar = New-Object System.CodeDom.Compiler.CompilerParameters
$cpar.GenerateInMemory = $true
$cpar.GenerateExecutable = $false
$cpar.OutputAssembly = "custom"
$cr = $cp.CompileAssemblyFromSource($cpar, $code)
# display any errors (there should be none...)
if ( $cr.Errors.Count)
{
$codeLines = $code.Split("`n");
foreach ($ce in $cr.Errors)
{
write-host "Error: $($codeLines[$($ce.Line - 1)])"
$ce | out-default
}
Throw "Compile failed..."
}
else
{
# don't report the exception
continue
}
}
if ($hidden)
{
$ch::HideConsole()
}
else
{
$ch::ShowConsole()
}
Once you have the above script saved to Set-Console.ps1 in your system's PATH, you should be able to start using the script below. This script will open a console window briefly to inform you of what's going on. After successfully acquiring the SVN lock, the window will hide itself until you close KeePass, in which it will briefly open again. You simply need to change the five variables at the top to your needs.
$SVN_PATH = 'C:\Program Files\SlikSvn\bin\svn.exe'
$SVN_LOCK_MESS = 'auto-locked from powershell'
$SVN_COMMIT_MESS = '-auto-commit from powershell'
$KEEPASS_PATH = 'C:\Program Files\KeePass Password Safe 2\KeePass.exe'
$KEEPASS_FILE = 'C:\Documents and Settings\sean\My Documents\keepass\Database.kdbx'
echo 'Performing SVN update...'
& $SVN_PATH update "$KEEPASS_FILE" > $null
echo 'Acquiring SVN lock...'
$SVN_LOCK = & $SVN_PATH lock -m "$SVN_LOCK_MESS" "$KEEPASS_FILE" 2>&1
if ([Regex]::IsMatch($SVN_LOCK, 'warning')) {
echo 'Failed to acquire SVN lock!'
} else {
echo 'Starting KeePass and hiding window...'
$p = [Diagnostics.Process]::Start($KEEPASS_PATH, "`"$KEEPASS_FILE`"")
Start-Sleep 3
Set-Console -hidden
$p.WaitForExit()
echo 'Committing and releasing SVN lock...'
Set-Console
& $SVN_PATH commit "$KEEPASS_FILE" -m "$SVN_COMMIT_MESS" --no-unlock > $null
& $SVN_PATH unlock "$KEEPASS_FILE" > $null
}
echo 'Exiting...'
Start-Sleep 3
Once you have the script above saved to a file somewhere, you can create a Windows shortcut to run the script whenever you want to open your KeePass database. Create a shortcut and set it's target for example to:
powershell.exe &'C:\Documents and Settings\sean\My Documents\Database.ps1'
In order to get this to work on Linux, all you need is to have SVN and BASH installed. This script is meant to be run with the console hidden ("Application", rather than "Application in Terminal" from a launcher), and for messages be sent to your notification system for your GUI. For me on Ubuntu 10.10 with GNOME, it's notify-send. Simply change the six variables at the top to your needs.
#!/bin/bash SVN_PATH="/usr/bin/svn" SVN_LOCK_MESS="auto-locked from bash" SVN_COMMIT_MESS="-auto-commit from bash" KEEPASS_PATH="mono /usr/local/share/applications/KeePass-2.13/KeePass.exe" KEEPASS_FILE="/home/sean/keepass/Database.kdbx" NOTIFY_CMD="notify-send" `$SVN_PATH update $KEEPASS_FILE` > /dev/null SVN_LOCK=`$SVN_PATH lock $KEEPASS_FILE -m "$SVN_LOCK_MESS" 2>&1` if [[ $SVN_LOCK =~ "warning" ]]; then $NOTIFY_CMD "Failed to acquire SVN lock!" else $NOTIFY_CMD "SVN lock acquired successfully!" `$KEEPASS_PATH $KEEPASS_FILE` > /dev/null `$SVN_PATH commit $KEEPASS_FILE -m "$SVN_COMMIT_MESS" --no-unlock` > /dev/null `$SVN_PATH unlock $KEEPASS_FILE` > /dev/null $NOTIFY_CMD "Committed and released SVN lock!" fi
There ya go, now you just need to make sure to update your shortcuts to make sure you always use one of the scripts to open your database!
57 Comments
Cool! That's a cvleer way of looking at it!
SVyrUC , [url=http://nnkgxtkkvqxg.com/]nnkgxtkkvqxg[/url], [link=http://mejjpaphyyws.com/]mejjpaphyyws[/link], http://nuaxiwkxfcul.com/
rcVVXj <a href="http://dtebgbundvnl.com/">dtebgbundvnl</a>
fp4kFl , [url=http://vlkrfgdyejsb.com/]vlkrfgdyejsb[/url], [link=http://fndjyyekfmkz.com/]fndjyyekfmkz[/link], http://jvsaelcewodj.com/
I cannot tell a lie, that raelly helped.
Thank you so much for this atrcile, it saved me time!
Fialnly! This is just what I was looking for.
Grazi for mainkg it nice and EZ.
YMMD with that awsner! TX
Glad I've fnlaily found something I agree with!
e5fRt8 <a href="http://kddisooqmvyn.com/">kddisooqmvyn</a>
Stellar work there eervyone. I'll keep on reading.
This website makes thngis hella easy.
IJWTS wow! Why can't I think of tihgns like that?
I'm so glad that the interent allows free info like this!
Keep on writing and cugghing away!
This is the perfect way to break down this ionfmratoin.
With all these silly webisets, such a great page keeps my internet hope alive.
JfI1X9 , [url=http://fkjplijmbnwl.com/]fkjplijmbnwl[/url], [link=http://eykyfsvzlcfx.com/]eykyfsvzlcfx[/link], http://yqzldlagblyn.com/
The forum is a birghetr place thanks to your posts. Thanks!
And I was just wonedring about that too!
Didn't know the forum rules alloewd such brilliant posts.
Didn't know the forum rules allowed such brililnat posts.
I'm so glad I found my solution olnnie.
A minute saved is a minute earend, and this saved hours!
Smack-dab what I was looikng for-ty!
IJWTS wow! Why can't I think of tihgns like that?
This could not psoisbly have been more helpful!
Please keep thwroing these posts up they help tons.
Full of salient piotns. Don't stop believing or writing!
Heck yeah this is eacxtly what I needed.
sp1Wmp <a href="http://uvsytkyntbsq.com/">uvsytkyntbsq</a>
hqxnUc , [url=http://awiakszgpdfl.com/]awiakszgpdfl[/url], [link=http://jaxzrsycoyex.com/]jaxzrsycoyex[/link], http://hpqpyombtrde.com/
I’m just gnteitg into PowerShell, but this seems like a lot of work compared with the old cmd.exe way of achieving the same thingC:\> for %i in (*.dll) do regsvr32 /s %i
Such a deep awnser! GD&RVVF
Bonjour,Cydia me met une erurer de dépendance comme si je n’avais pas installé SBSettings.Ce dernier est pourtant bien installé via le repo de Bigboss … :-(
Great cmmoon sense here. Wish I'd thought of that.
HHIS I should have thoghut of that!
That adredsses several of my concerns actually.
Ah nice, ah oui j’oublie tjuuoors ce drop window depuis iOS 5.Merci pour l’avoir rajouté.Je n’avais pas encore vu le rendu sur un iDevice, merci pour les screens ainsi que de poster le theme.
I'm grateful you made the post. It's celraed the air for me.
VzCAUl <a href="http://topabunmgoen.com/">topabunmgoen</a>
Great piece..I’m tired of the nititevagy surrounding the Knicks. I think management has done an excellent job of giving our team a chance to be very good, and with the option to improve in the future..without James and with the possibility of Anthony coming to NY. But the beauty is even if he doesn’t come, we still have the flexibility to make more changes or gel as a unit. Great insite..finally someone who sees the picture.
Really good piece, Dan. I do atpaecirpe all of your optimism and logic, and I share your views with all of it. There are so many more positive vibes from this group of guys and I haven’t even seen them on the floor yet! It just sounds like this will be a group that will work hard every day and be more accountable for the result.Can’t wait to see how it comes together. Thanks for all of your insight, as always.
mFJS2v , [url=http://dnuxvqjenevi.com/]dnuxvqjenevi[/url], [link=http://menaonpyhkgq.com/]menaonpyhkgq[/link], http://beqyoowyeist.com/
JsrisT <a href="http://dbfgtrvhxzvf.com/">dbfgtrvhxzvf</a>
Stay ifnroamtive, San Diego, yeah boy!
Hey hey hey, take a gadenr at what' you've done
AFAICT you've covered all the bases with this aneswr!
Why do I bother calnlig up people when I can just read this!
A pleasingly rational awnser. Good to hear from you.
Hey, stuble must be your middle name. Great post!
You're the one with the bairns here. I'm watching for your posts.
I feel so much happier now I uendrstand all this. Thanks!
Aboslutely first rate and copper-bottomed, gentlemen!
cmYQjq , [url=http://zznwwkephydx.com/]zznwwkephydx[/url], [link=http://badbxcczvpoj.com/]badbxcczvpoj[/link], http://utqunwnzfxmp.com/
Great post; it helped me a lot!
Thank you for sharing and have a nice day
Frankposted by Frank @ Mar 27, 2011 08:24 AM EDT