this post was submitted on 30 May 2025
55 points (98.2% liked)

Selfhosted

60734 readers
131 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Detailed Rules Post

  1. Be civil.

  2. No spam.

  3. Posts are to be related to self-hosting.

  4. Don't duplicate the full text of your blog or readme if you're providing a link.

  5. Submission headline should match the article title.

  6. No trolling.

  7. Promotion posts require active participation, with an account that is at least 30 days old. F/LOSS without a paywall has exceptions, with requirements. See the rules link for details. Tags [CBH] or [AIP] are required, see the links in Rule 8 for details.

  8. AI-related discussions and AI-involved promotional posts have additional requirements for tagging, as noted in Rule 7 and the AI & Promotional Post Expanded Rules post, and find example disclosures here.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS
 

Rejoice! Our beloved password manager, ZX2C4's pass, sees its Android implementation back on F-Droid. This APS fork has been pushing development forward since some time already, and has finally been published on the aforementioned app store earlier this month.

top 12 comments
sorted by: hot top controversial new old
[–] matcha_addict@lemy.lol 4 points 1 year ago* (last edited 1 year ago) (1 children)

Is this an alternative to bitwarden and keepass? Is it better in terms of security?

[–] phase@lemmy.8th.world 1 points 1 year ago

I don't have any experience with bitwarden. The question is what do you want.

I like pass because I can host my password with git, a decentralised storage. I have to manage the key myself.

[–] Zwuzelmaus@feddit.org 4 points 1 year ago (1 children)
[–] 0bs1d1an@infosec.pub 4 points 1 year ago (1 children)

Did you see the Documentation section in the README.md? You basically initialise a password store on your server, and you use an implementation like this to sync (SSH + git) your passwords, which are encrypted via your GPG key.

https://www.passwordstore.org/ has some instructions how to initialise a password store on, for example, your server. Then refer to https://github.com/android-password-store/Android-Password-Store/wiki/First-time-setup to configure the app.

[–] Zwuzelmaus@feddit.org 3 points 1 year ago

Did you see the Documentation section in the README.md?

Yes, that's why I'm asking.

[–] ReginaPhalange@lemmy.world 1 points 1 year ago (1 children)

Anyone know what windows client is able to use GNU pass?

[–] AbidanYre@lemmy.world 1 points 1 year ago

It runs fine in wsl. Admittedly that's not ideal, but may be the best option.

[–] BozeKnoflook@lemmy.world 1 points 1 year ago (1 children)

Unfortunately OpenKeyChain is now no longer being developed. It still works.. for now.

[–] 0bs1d1an@infosec.pub 6 points 1 year ago (1 children)

APS moved away from OpenKeychain to PGPainless some time ago, from before this fork started. While not perfect either (see https://github.com/agrahn/Android-Password-Store/issues/287), PGPainless is being maintained, and from what I can tell from this APS fork's git log, is automatically bumped via their renovate bot (e.g. https://github.com/agrahn/Android-Password-Store/commit/9a6b596199d7eb87b40b53c4cb111ba7a5b48188)

[–] BozeKnoflook@lemmy.world 3 points 1 year ago (1 children)

Omg thank you! I was just starting to look for alternatives

[–] 0bs1d1an@infosec.pub 2 points 1 year ago

I was too! I almost migrated to Vaultwarden, but I'm very thankful this fork is continuing the original maintainer's work.

[–] fireshell@fedia.io 1 points 1 year ago

Integration with Android

The GnuPG implementation for Android is called OpenKeychain. To configure it, just go to the "key management" menu and import the previously created secret key. The only drawback of OpenKeychain for me personally is that there is no fingerprint unlocking.

The pass implementation for Android is called android-password-store, or simply APS.

Install and launch APS. Before synchronizing the password store, go to the "Settings" menu. There we will need the following items:

  1. Git server settings. The resulting URL should be the same as that specified on the repository page on github. Authorization type - OpenKeychain.

  2. Git utils. In this section, specify the username and email from the gpg key.

  3. OpenPGP provider. Select OpenKeychain.

  4. Autofill.

Now you can clone. Select "clone from server" on the main screen, specify the desired location of the repository, check the git settings.

Of course, pass is not that easy to set up. However, this price buys confidence that the tools we use will not one day be declared obsolete, will not change their data format, and will not be left without support.