Saturday, December 29, 2018

Private KeePass Synchronization Between Desktop and Mobile

Password Management
Password managers are recommended today to solve the problem of having too many passwords to remember: they let you avoid easily guessable passwords without writing them all down. Passwords written on paper also raise portability and privacy problems; what happens if you need to recover a password while traveling?

One solution is to use a password manager on the desktop/laptop and keep it synchronized with your mobile phone. This allows you to generate and manage complex passwords that don't need to be memorized or written, but you can still have access to them on your phone.

KeePass is the password management system recommended by privacytools.io. It is open source, and the community creates plug-ins to add functionality. The main KeePass application is for desktop/laptop use only, without an official mobile application, but there are some options for mobile. Keepass2Android is a highly rated companion to the desktop version, available in the Play store.

It is easiest to do almost all the creation and management of passwords in the desktop application, leaving the phone merely as a device to use while on the move. KeePass does have some built-in synchronization functionality, but it mainly deals with merging two password databases that are presumed to be updated independently. To simplify things, we will instead make one master database on the desktop and transfer it to the phone, which is relatively easy. The hardest thing will be the initial setup, especially if you do not already have a home server.

KeePass keeps a single, encrypted file with the passwords on your system, protected by a master password that opens the database. There is an option to use a separate digital key file, in which case the app must have both the database file (with master password) and the key file on the system in order to grant access. This is useful when a user wants to store the password database in cloud storage, which is supposedly safe, or in an even less secure place, or even to email the encrypted database. If the password database is somehow intercepted, an attacker could try to guess the master password using an automation tool like Hashcat until gaining access. The requirement to also possess the key file makes this kind of attack more difficult. Once the key file is installed on the system or phone, the only file that needs to be updated is the password database.

Synchronization Scheme at https://keepass.info/help/kb/trigger_examples.html#dbsync
A More Private Cloud
There is good reason for users to be paranoid about storing their password databases in their personal cloud like Dropbox, so perhaps "Any Cloud Storage Service" depicted above could actually be our own home server, presuming that it is actually secure. Note that the diagram above also assumes that we will do two-way synchronization, which is not the case in our one-way, master-slave arrangement.

Instead, we will save the password database either directly to a Linux server running Samba or transfer it there by SFTP on our own home network. Then we will retrieve the updated file from the server onto our phone and overwrite the old database.

Master-Slave Arrangement

The main computer is either a Windows PC or a Mac with KeePass installed.

For the server, we could use a regular Linux machine, but if you already have a Raspberry Pi, you can set up a small file share on your home network. Look for articles about how to set this up on the Pi. Setting up Samba on a full-sized Linux machine should be a little easier. You will need to know the server's IP address and have SFTP enabled in order to access it from the phone. Since IP addresses can change upon router reboot, it is also wise to configure the router so that the server is always assigned the same IP address.

We will assume the use of an Android phone. To get started, install Keepass2Android from the Play store. In order to retrieve the database file from the server to the phone, you will also need an FTP app, such as AndFTP.

Transfer Time
With everything installed, we are finally ready to go.

In KeePass on your computer, create a new database. Either save it directly to your shared drive or copy it there after you save and close KeePass. If you choose to copy it, this task can be automated through Windows 10 scheduled tasks.



Connect your phone to your home WiFi, open AndFTP, connect to the server using its IP address, and browse to where the password database file was saved. It should have a kdbx extension. Download it to your phone.


Open Keepass2Android on your phone, then "Open file."


Select "System file picker," then browse on your phone to where you downloaded the file.


The database file is selected, so enter your password and open the database. You should see your first entry. The next time you use Keepass2Android, it will remember your database file and key file, if applicable, so you only have to enter your password. Follow the Keepass2Android tutorials on how to use the special keyboard provided by the app, which prevents other apps from snooping on your clipboard.

Later, when you add or update passwords in your master database, you can just use AndFTP to download and overwrite the file on your phone so you always stay in sync. 

This is one way to make use of a password manager and keep it synchronized between your main computer and your phone, all without backing up your password file to an external location.
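The desktop-side copy step described above can be scripted so that the share only ever holds a complete, verified database. The following is an added example, not part of the original post: the function names and the ".part" suffix are assumptions, and the paths are whatever your master file and Samba share use.

```python
import hashlib
import os
import shutil
import tempfile

# First 8 bytes of a KeePass 2.x (.kdbx) file: two little-endian signature words.
KDBX_MAGIC = bytes.fromhex("03d9a29a67fb4bb5")


def sha256_file(path):
    """Return the SHA-256 hex digest of a file, read in chunks."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def publish(master, share_copy):
    """One-way push of the master database to the share.

    Returns "skipped-not-kdbx", "unchanged" or "published".
    """
    with open(master, "rb") as fh:
        if fh.read(8) != KDBX_MAGIC:
            return "skipped-not-kdbx"  # never replace a good copy with junk
    want = sha256_file(master)
    if os.path.exists(share_copy) and sha256_file(share_copy) == want:
        return "unchanged"
    # Copy under a temporary name in the target directory, verify the copy,
    # then rename it into place so the phone never fetches a partial file.
    target_dir = os.path.dirname(os.path.abspath(share_copy))
    fd, tmp = tempfile.mkstemp(dir=target_dir, suffix=".part")
    os.close(fd)
    try:
        shutil.copyfile(master, tmp)
        if sha256_file(tmp) != want:
            raise IOError("copy does not match the master database")
        os.replace(tmp, share_copy)
    finally:
        if os.path.exists(tmp):
            os.remove(tmp)
    return "published"


if __name__ == "__main__":
    import sys
    print(publish(sys.argv[1], sys.argv[2]))
```

Run from a scheduled task, it takes the master database path and the path on the share as its two arguments.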

Saturday, November 17, 2018

Python and Lua Scripts for Building Scenarios in Command: Modern Air/Naval Operations

I have used the simulation, "Command: Modern Air/Naval Operations" (CMANO) at both home and work. There is a version known as CommandPE (PE is Professional Edition) with additional features. It is somewhere between a game and a full-blown simulation of modern warfare. You may find yourself needing to build scenarios before playing them, or perhaps you are building scenarios for some serious analysis.

The sim offers a scenario editor in which you can manually create warring sides and add bases, other facilities, ships, aircraft, and more. The editor makes it easy to build, and you may benefit from the considerable number of items that have been pre-built by the community.

The Lua scripting engine that is built into the game can control behaviors or add entities, which makes it another good choice for building scenarios. Lua itself is a scripting language that shows up in games and often in other software; the Wireshark packet-capturing and analysis program also has it embedded. The Lua functionality in CMANO allows you additional flexibility, especially for features or custom behaviors that are not already built into the game.

I used Lua within CMANO this year to take exports from one database and import the units into CommandPE. It requires several steps, but let's start backwards:
1. You need to get the entities into the game, so they look something like this when the scenario is built:


2. So you need to add them through the Lua console, which looks like this, with the pasted Lua commands in the lower frame:


3. It would take hundreds or thousands of commands to populate even a medium-sized scenario this way, so if you already have a database and could export tables full of data, we could transform the tables into Lua commands that build all these units. The database dump would give us names of units (like airfields, ships, and aircraft squadrons) and locations, but we would need to add information and formatting so CMANO can properly insert each unit. In the example below, we have a "Location," which is actually a base, with its corresponding latitude and longitude. "AA" and "XX" are the two competing factions in the "LocationSide" column. However, to create an entity in the game, we need a CMANO database id. For example, by browsing the database viewer within the game, I discovered that "Structure (Military Base)" has ID 2419, and we will need that ID in our Lua command so CMANO can insert the correct facility type into the game. The user provides the rest from the data dump.


The resulting Lua command for the first base in the table above would be:
ScenEdit_AddUnit({side='Blue', type='facility', name="AA Airbase 1", dbid=1996, latitude='23.500000', longitude='70.220000'})
(See the link at the end of this posting for a list of all command formats.)


4. We could create a similar Lua command for every base, aircraft, ship, submarine, etc., in the game. My colleague did a similar thing in Visual Basic for Applications, and I wanted to try it out in Python, with the use of several lookup tables to make it easy to repeatedly export data and make the conversions. I used several lookup tables to map raw database entities to items that CMANO needs to function.

forces.csv

forces_dbid.csv















In this example, the forces.csv on the left lists the actual units to be inserted. The Python script joins it with the forces_dbid.csv lookup table and adds the database ID, or dbid, to the "forces" table wherever there is a matching UnitName. This is like a typical database join; Pandas data frames provide the merge() method to achieve it.



Once the tables are properly joined, we end up with several tables that have all the required information. The script then processes each row in these tables, building Lua commands from the supplied parameters, and writing all the individual Lua commands to a text file. The user can then just open the file, copy those commands into the Lua script console within the game, and see the units appear on the map, as shown in the first image above.


It is important to note that you must process the facilities and ships before the aircraft, since aircraft are assigned to either bases or aircraft carriers, rather than latitudes and longitudes. So, the first fighter squadron in the table below gets planted on "AA Airbase 1," but only if that airbase already exists. Otherwise, there will be an error.


This is due to the format of the command to add an aircraft:
ScenEdit_AddUnit({side='Blue', type='aircraft', name="AA Fighter Squadron 1 #1", dbid=856, loadoutid=5270, base="AA Airbase 1"})
We have the choice of supplying an altitude, latitude, and longitude for flying aircraft, or for parked aircraft, we just name the base, as in the previous example.
(See the full formatting rule at https://commandlua.github.io/index.html#NewUnit)
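The join, the facilities-before-aircraft ordering, and the command formats above can be seen together in the following added example, which is not the code from the author's repository. It uses Python's csv module in place of Pandas, the sample rows are constructed, every column name other than UnitName is an assumption, and it also escapes unit names so that a quote in the exported data cannot end the Lua string early.

```python
import csv
import io

# Constructed sample tables. Column names other than UnitName are assumptions.
FORCES = """Name,UnitName,Side,Type,Latitude,Longitude,Base
AA Fighter Squadron 1 #1,Fighter,Blue,aircraft,,,AA Airbase 1
AA Airbase 1,Military Base,Blue,facility,23.5,70.22,
"""
FORCES_DBID = """UnitName,dbid,loadoutid
Military Base,1996,
Fighter,856,5270
"""
# Units that can host aircraft are emitted first.
ORDER = {"facility": 0, "ship": 0, "aircraft": 1}


def lua_str(value):
    """Quote text as a Lua string literal so it cannot end the string early."""
    out = value.replace("\\", "\\\\").replace('"', '\\"')
    return '"' + out.replace("\n", "\\n").replace("\r", "\\r") + '"'


def build_commands(forces_csv, dbid_csv):
    """Join forces to dbids on UnitName and return ordered Lua commands."""
    lookup = {r["UnitName"]: r for r in csv.DictReader(io.StringIO(dbid_csv))}
    rows = sorted(csv.DictReader(io.StringIO(forces_csv)),
                  key=lambda r: ORDER[r["Type"]])
    hosts, commands = set(), []
    for r in rows:
        ref = lookup.get(r["UnitName"])
        if ref is None:
            raise ValueError("no dbid for " + r["UnitName"])
        # int()/float() reject non-numeric cells instead of pasting them in.
        fields = ["side=" + lua_str(r["Side"]), "type=" + lua_str(r["Type"]),
                  "name=" + lua_str(r["Name"]), "dbid=%d" % int(ref["dbid"])]
        if r["Type"] == "aircraft":
            if r["Base"] not in hosts:
                raise ValueError("base not created for " + r["Name"])
            fields += ["loadoutid=%d" % int(ref["loadoutid"]),
                       "base=" + lua_str(r["Base"])]
        else:
            fields += ["latitude=" + lua_str("%.6f" % float(r["Latitude"])),
                       "longitude=" + lua_str("%.6f" % float(r["Longitude"]))]
            hosts.add(r["Name"])
        commands.append("ScenEdit_AddUnit({" + ", ".join(fields) + "})")
    return commands


if __name__ == "__main__":
    print("\n".join(build_commands(FORCES, FORCES_DBID)))
```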

If you wish to try it out or examine the approach, I have posted the code and some input files at https://github.com/mbondpro/commandlua. It may be easiest to run this by downloading Anaconda, a Python distribution that bundles the interpreter with Pandas and other data science packages. The main class is CmdData, and the commandLua.py file shows a typical loading and transformation sequence.

To learn more about CMANO, see here: http://www.warfaresims.com/
To learn more about Lua commands in CMANO, see here: https://commandlua.github.io/

Monday, November 12, 2018

Coin Collection Tracking Application Walkthrough

This video walk-through describes a Ruby on Rails 3.2 application I developed to track coin collections. This was one of my biggest projects, originally written in PHP and then ported over to Rails 2, and later upgraded to Rails 3.








The user can create an account and then select existing coins from the rather complete catalogue of U.S. coins throughout the decades. Coins often have grades associated with them, so the user can assign a grade to the coin when adding the coin to the collection or just add a coin and leave it without a grade. In order to add a graded coin, the user must visit the coin's detail page and select the grade.

Adding a graded coin


Coin counts in the collection
Anywhere else, in order to make it more usable, the application just adds an ungraded coin.

The application makes use of AJAX in several places to improve the user experience. For example, when coins are added or removed from the user's collection, the plus and minus buttons make a call in the background. If the action was successful, the page updates via JavaScript without a page refresh.

It is also possible to upload one's own pictures to the site in order to complement the coin images that already exist.



I will eventually post code at my GitHub account.


Friday, November 2, 2018

"Tips and Commissions Tracker" Code and Walkthrough

Several years ago I created a Ruby on Rails 3.2 application to track my wife's tips and commissions at work, since she works in the skin care industry. I only made it available to her while I developed it, so even though it was publicly posted, it was not yet meant for mass consumption, so I didn't add bells and whistles to make it work for everybody's situation. Nevertheless, it is stable and has a few neat features:

1. It generates reports based on several stats, not only in table form (weekly, per pay period, etc.), but with graphs over time. I used the "RServe" Rubygem to embed R commands in the Ruby code. The RServe listener sits on the server, receives the commands, processes the input, and dumps the plots wherever indicated.

2. The application detects whether the user is using a desktop-sized browser or mobile browser and automatically serves up the right format. I used the mobile_fu gem to enable this.

To use the application, the user registers and can set up to have more than one company that (s)he works for. If there is more than one company, inputs will be isolated between companies. Once the account and company are established, the user sets up the types of services that are provided. This provides a kind of service menu, with prices. When a user wants to record a treatment, she goes to Add Treatment and can select one or more services that were provided, as well as choosing from existing or new customers. There are more details in the video walk-through provided below.

The code is posted at https://github.com/mbondpro/tipper.








Thursday, November 1, 2018

Mini-Blog Code and Walkthrough

I created a "mini-blog" application some time ago in Ruby on Rails 3.2, and I recently posted the code to GitHub.

See the code here: https://github.com/mbondpro/miniblog

I also recorded the walk-through you see below to demonstrate the main features.


Welcome

Welcome to this blog, where I will be posting information about my technology projects and interests. Also see my GitHub page, where I will be posting some of my favorite projects over the next few weeks: https://github.com/mbondpro