PSafe is a free command-line utility for storing and retrieving passwords. The passwords are stored in an encrypted file (using the Blowfish algorithm) so that even if it falls into the wrong hands, the contents may only be viewed by entering your master PSafe password.
WARNING: Although every reasonable effort has been made to ensure the security of PSafe, you must judge for yourself whether or not it is a wise risk to put all of your passwords in one well-defined location. If someone gets a copy of your password file and guesses your password, all of the information you stored there will be known to them. See Security Considerations below.
That said, PSafe can increase security by encouraging you to use different (and more obscure) passwords for different purposes, without worrying that you might forget them.
Of course, if you forget your PSafe password, you lose everything.
To protect against this, you can enter a hint when you choose your
password, but you have to be careful not to give away the password
in the process. Take care!

Installation

PSafe requires Python 2.2 or later.
You must also install the Python Cryptography Toolkit. Many OSes provide a
convenient package-based installation of that.
Once those are installed on your system, you may use PSafe.
To install, simply untar and copy the executable 'psafe' to some
place in your path (~/bin, /usr/local/bin, etc.). Or you can simply
leave it where it is and add that location to your path.
You may then begin using it. For example:

    $ psafe
    Psafe> help
    PSafe> add dan@hep.wisc.edu
    Password to save for dan@hep.wisc.edu: ******
    PSafe> quit
    Saving changes and exiting.

If this does not work, you may need to edit the first line in
psafe to use the correct name for python on your system.

Security Considerations

Putting all of your passwords in one well-defined location is like putting
all of your eggs in one basket. The advantage is that it is easier to keep
track of your eggs. If someone breaks into your egg basket, the disadvantages
are obvious.
Many of the following security concerns are not unique to PSafe. Any
program that accepts passwords for authentication is subject to a number of
possible attacks.

File Storage

The first time you save a password, PSafe will create a hidden directory
named .psafe in your home directory. As a precaution, this
directory is created so that other users do not have permission to see
the contents. If your home directory is on AFS or some other shared
filesystem, you may have to take additional steps to ensure that others
do not have access. (They would still need to know your password to decrypt
the file, though.)
For example, in AFS, you can see the access settings using the following
command:

    fs listacl ~/.psafe

Network Transmission

If you are logging in over a network, be aware that everything you
see on the screen and everything you type (including your PSafe Master
Password) goes over the network too. Use a secure client, such as
ssh. The commonly used 'telnet' program does no encryption, so it is
inherently unsafe.

Memory

It is theoretically possible for a system administrator to examine
a memory image of PSafe while it is running in order to see your decrypted
passwords. Do not use PSafe if you distrust your system admins.

Program Hacks

Any user who can modify the PSafe program itself can change it to
tell them your password when you enter it. Make sure you trust
whoever has write access to the psafe program and Python, probably root.
Similarly, anybody who had access to PSafe on the site that you
installed it from could also have modified the application to send
them your passwords.

Path Attacks

If your PATH environment variable contains entries before the one
that points to psafe, anyone with write access to those directories
can create a program called 'psafe' there and it will override the one
you thought you were using. In general, don't add directories to your
path if you don't trust the owner of the directory.

Screen Memory

When you view passwords using PSafe, it shows them right on the screen.
Maybe somebody will eventually add a paste option that will merely insert
the password into the clipboard, but even then, it's in the clipboard
memory, unless you are careful to clear it out before
you walk away from the workstation.

Choice of Password

PSafe does not force you to use a good, hard to guess password. In
fact, you can use no password at all, in which case it stores
everything in plain text, making you totally reliant on the security
of the filesystem.

Implementation Details

PSafe uses a flexible file storage format that can be easily extended to
support other encryption algorithms. It also supports any number of
additional fields per password entry.
If you export your file without
choosing an export password, you can see the format. In fact, you can
edit this plain text file and import it back into an encrypted PSafe
file. If you add additional fields to an entry (say password_hint),
this information is also displayed when you view the entry.
Currently, just two encryption modes are supported: plain text (no password),
and the Blowfish algorithm, using Cipher Feedback.
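
The Path Attacks concern described above can be checked mechanically. The shell function below is an added example, not part of PSafe; audit_path and its output labels are hypothetical names. It walks PATH in lookup order up to the directory that supplies the command and flags entries that are relative or writable by group or others.

```shell
#!/bin/sh
# Added example, not part of PSafe. audit_path is a hypothetical helper.
# Usage: audit_path CMD [PATH_STRING]
# Walks PATH in lookup order up to the directory that supplies CMD and prints:
#   RELATIVE <entry>   entry is empty or not absolute (depends on the cwd)
#   WRITABLE <dir>     directory is group- or world-writable
#   RESOLVES <file>    the file the shell would actually run
# Returns 0 if CMD resolves with no findings, 1 otherwise.
audit_path() {
    cmd=$1
    path=${2-$PATH}
    status=0
    old_ifs=$IFS
    set -f                          # no globbing while splitting PATH
    IFS=:
    for dir in $path; do
        IFS=$old_ifs
        case $dir in
            /*) ;;
            *)  echo "RELATIVE ${dir:-<empty>}"; status=1
                dir=${dir:-.} ;;    # an empty entry means the current directory
        esac
        if [ -d "$dir" ]; then
            # Characters 6 and 9 of the ls mode string are group/other write.
            # -L follows symlinks so a linked directory reports its real mode.
            bits=$(ls -ldL "$dir" | cut -c6,9)
            case $bits in
                *w*) echo "WRITABLE $dir"; status=1 ;;
            esac
            if [ -f "$dir/$cmd" ] && [ -x "$dir/$cmd" ]; then
                echo "RESOLVES $dir/$cmd"
                set +f
                return $status
            fi
        fi
    done
    IFS=$old_ifs
    set +f
    echo "NOTFOUND $cmd"
    return 1
}
```

Run it as: audit_path psafe. Directories after the one that supplies psafe are not reported, since they cannot override it.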
Last Updated: March 18, 2015