Wait isn’t that defeating the purpose of KeePass? I strictly use it as a local password manager (no cloud backups and such), since I thought that was the main spelling point
You can of course. I think the selling point is that you control it and it’s a single file that you can decide where you’ll keep it, how you access it, and what app you use to interact with it.
I can copy, delete, move it all without needing a service for it. Can modify it offline and everything!
I don’t host the file on a password manager dedicated cloud, it’s my own cloud space with other files I have there as well. So the file is just in my cloud space, with other files, and i have a synced folder on my phone + pc and just access that cloud folder with the file from keepassXC on my PC and keepassDX on my phone :)
For me keepass offered a single databae file that I can decide where and how I keep it. Also works offline because the cloud syncs folders and even without internet a version exists on my phones cloud folder (until it gets synced again with internet).
I had not heard of ubicloud, that’s pretty cool! Thanks for the tip!
And sure:
I don’t self host it, I got managed owncloud space from a domain and web host provider.
I manage my own VPS that I got from them but the cloudspace came extra with buying the domain + email services (I’ve managed email server at my job and no way in hell will I do that for myself, too much headache).
So basically, in short, I have a managed email + owncloud space (just 5gb, don’t honestly need more) from a commercial provider and just use owncloud app on my phone and PC to sync folders on both. I keep my encrypted joplin notes and (encrypted by default) keepass database on this cloud. Owncloud takes care of syncing and I just use Joplin and KeePass on both devices and set them to use the files in owncloud folder. Never had an issue in 2 years with anything.
Technically my provider could scan my stuff, but they won’t get anything out of joplin notes or keepass.
Your idea for a setup sounds way more private, but i think for my usecase I’ve been happy since it’s so low effort and still does what I want it to do.
I have seen on lemmy people recommend syncthing (https://syncthing.net/) for keepass, which directly synchronizes a folder between devices without a middleman if you wanr. But everytime you want to sync you need to have both devices on for that as there is no automatic middleman that is always available. Maybe that could be done with a raspberry pi?
Anyway: you can easily set this up with proton if you already have proton cloud no?
Or is the database file encrypted with a password? If not you might want to use something like VeraCrypt to encrypt and password protect the database files on the cloud
Didn’t see this comment but: I trust enough my cloud provider + the database file is encrypted with the masterpassword you set for your keepass.
I also use this cloud to host my Joplin notes, which are also E2EE (joplin supports it) so even if my cloud provider would take a peek it’s all encrypted.
Wait isn’t that defeating the purpose of KeePass? I strictly use it as a local password manager (no cloud backups and such), since I thought that was the main spelling point
You can of course. I think the selling point is that you control it and it’s a single file that you can decide where you’ll keep it, how you access it, and what app you use to interact with it.
I can copy, delete, move it all without needing a service for it. Can modify it offline and everything!
I don’t host the file on a password manager dedicated cloud, it’s my own cloud space with other files I have there as well. So the file is just in my cloud space, with other files, and i have a synced folder on my phone + pc and just access that cloud folder with the file from keepassXC on my PC and keepassDX on my phone :)
For me keepass offered a single databae file that I can decide where and how I keep it. Also works offline because the cloud syncs folders and even without internet a version exists on my phones cloud folder (until it gets synced again with internet).
Can you give me a quick rundown of how you run your cloud space? Can I just Ubicloud + Coolify + Nextcloud?
I had not heard of ubicloud, that’s pretty cool! Thanks for the tip!
And sure:
I don’t self host it, I got managed owncloud space from a domain and web host provider.
I manage my own VPS that I got from them but the cloudspace came extra with buying the domain + email services (I’ve managed email server at my job and no way in hell will I do that for myself, too much headache).
So basically, in short, I have a managed email + owncloud space (just 5gb, don’t honestly need more) from a commercial provider and just use owncloud app on my phone and PC to sync folders on both. I keep my encrypted joplin notes and (encrypted by default) keepass database on this cloud. Owncloud takes care of syncing and I just use Joplin and KeePass on both devices and set them to use the files in owncloud folder. Never had an issue in 2 years with anything.
Technically my provider could scan my stuff, but they won’t get anything out of joplin notes or keepass.
Your idea for a setup sounds way more private, but i think for my usecase I’ve been happy since it’s so low effort and still does what I want it to do.
I have seen on lemmy people recommend syncthing (https://syncthing.net/) for keepass, which directly synchronizes a folder between devices without a middleman if you wanr. But everytime you want to sync you need to have both devices on for that as there is no automatic middleman that is always available. Maybe that could be done with a raspberry pi?
Anyway: you can easily set this up with proton if you already have proton cloud no?
I’m moving away from Proton, and self hosting is cooler anyway. Instead of Proton I’m trying out Tuta, Mailbox, Addy.io and Bitwarden
That sounds like a nice stack! And true, self hosting is really nice. Just wanted to give options if you don’t feel like getting into self hosting.
Nevertheless, good luck on your privacy journey! I’m working on it too!
Or is the database file encrypted with a password? If not you might want to use something like VeraCrypt to encrypt and password protect the database files on the cloud
Didn’t see this comment but: I trust enough my cloud provider + the database file is encrypted with the masterpassword you set for your keepass.
I also use this cloud to host my Joplin notes, which are also E2EE (joplin supports it) so even if my cloud provider would take a peek it’s all encrypted.
Ah ok, I was wondering if the database file is encrypted, ignore my comment since it was intended for if the file is unencrypted by default