Iβm going to move away from lastpass because the user experience is pretty fucking shit. I was going to look at 1pass as I use it a lot at work and so know it. However I have heard a lot of praise for BitWarden and VaultWarden on here and so probably going to try them out first.
My questions are to those of you who self-host, firstly: why?
And how do you mitigate the risk of your internet going down at home and blocking your access while away?
BitWardenβs paid tier is only $10 a year which Iβm happy to pay to support a decent service, but im curious about the benefits of the above. I already run syncthing on a pi so adding a password manager wouldnβt need any additional hardware.
KeePassXC canβt be run in headless mode, and the GUI is tightly coupled to the app. You have to have all of X installed, and have a display running, to run it.
Hereβs the runtime dependencies of KeePassXC:
linux-vdso.so.1
libQt5Svg.so.5
libqrencode.so.4
libQt5Concurrent.so.5
libpcsclite.so.1
libargon2.so.1
libQt5Network.so.5
libQt5Widgets.so.5
libbotan-3.so.5
libz.so.1
libminizip.so.1
libQt5DBus.so.5
libusb-1.0.so.0
libQt5X11Extras.so.5
libQt5Gui.so.5
libQt5Core.so.5
libX11.so.6
libstdc++.so.6
libm.so.6
libgcc_s.so.1
libc.so.6
/lib64/ld-linux-x86-64.so.2
libgssapi_krb5.so.2
libproxy.so.1
libssl.so.3
libcrypto.so.3
libbz2.so.1.0
liblzma.so.5
libsqlite3.so.0
libdbus-1.so.3
libudev.so.1
libGL.so.1
libpng16.so.16
libharfbuzz.so.0
libmd4c.so.0
libsystemd.so.0
libdouble-conversion.so.3
libicui18n.so.75
libicuuc.so.75
libpcre2-16.so.0
libzstd.so.1
libglib-2.0.so.0
libxcb.so.1
libkrb5.so.3
libk5crypto.so.3
libcom_err.so.2
libkrb5support.so.0
libkeyutils.so.1
libresolv.so.2
libpxbackend-1.0.so
libgobject-2.0.so.0
libcap.so.2
libGLdispatch.so.0
libGLX.so.0
libfreetype.so.6
libgraphite2.so.3
libicudata.so.75
libpcre2-8.so.0
libXau.so.6
libXdmcp.so.6
libcurl.so.4
libgio-2.0.so.0
libduktape.so.207
libffi.so.8
libbrotlidec.so.1
libnghttp3.so.9
libnghttp2.so.14
libidn2.so.0
libssh2.so.1
libpsl.so.5
libgmodule-2.0.so.0
libmount.so.1
libbrotlicommon.so.1
libunistring.so.5
libblkid.so.1
I donβt know why it links to a systemd library. Here are the runtime dependencies of rook:
linux-vdso.so.1
libresolv.so.2
libc.so.6
/lib64/ld-linux-x86-64.so.2
Donβt get me wrong: KeePassXC is one of my favorite programs. But donβt leave it running all the time, and it canβt be run on headless systems.
I see, thanks for explaining. So IIUC, rook is intended for headless systems?
I use it for everything, but then, I wrote it. All of the desktop secret service tools have desktop dependencies (Gnomeβs uses Gnome libraries, KDEβs pulls some KDE libraries) and run through DBUS; since I donβt use a DE, itβs a fair bit of unnecessary bloat. And I donβt like GUI apps that just hang around in the background consuming resources. I open KeePassXC when I need to make changes to the DB, and then I shut it down. Otherwise, it hangs out in my task bar, distracting me.
Rook is for people who want to run on headless systems, or want to minimize resources usage, or donβt use a desktop environment (such as Gnome or KDE), or donβt run DBUS, or donβt run systemd. Itβs for people who donβt want a bunch of applications running in the background in their task bar. KeePassXC providing a secret service is great, but itβs overkill if thatβs most of what itβs providing for you, most of the time.
I donβt think took is for everyone, or even for most people. Itβs for people who like to live mostly in the command line, or even in VTs.
