Self Hosting Password Management

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

[Music] so [Music] hello and welcome back once again oh darn i gotta find that password it's in here somewhere what is it page 56 oh yeah that's right that password was just password why did i forget that okay anyway we're going to talk about self-hosting password management as you add self-hosted applications you're going to end up with more virtual machines and lexi lexd containers and all of them are going to have passwords in my apache guacamole video we learned how guacamole can track the addresses usernames and passwords for the server instances however almost all self-hosted applications are web-based and have web instance usernames passwords and sometimes even two-factor authentication keys how can those be managed well with the use of a password manager you've got authentication information for your bank google amazon microsoft apple paypal and numerous other sites now add your self-hosted apps to this list and i can guarantee that list is going to get to be huge most people either use the same username or password for most all of their sites or they have a password notebook when it looks kind of like this one here except it's a lot easier if you just set your passwords to things like password because then you'll never forget them and you won't need the book password managers are a bit safer than that though password managers like lastpass nordpass 1password mcafee truekey and others are better alternatives because you can set complex passwords and safer passwords however you can self-host your own password manager the password manager i like and the one we're going to be talking about today is bit warden bet warden is a self-hosted password manager or you can always go out to amazon and you can buy one of these nice password books that looks a little bit better than this book and it says password book on the front if you get one of these books you don't want to lose it so leave it on the desk where everybody can find it right a bit warden server is a place to store multiple users passwords vaults a vault is a collection of all the usernames and passwords and websites that that particular user has a bitwarden server can store multiple vaults for multiple users each password vault is protected by a master password that only the user of that vault knows bit warden can remember usernames passwords website addresses two-factor authentication keys credit cards and even private notes so how does bit warden work well bit warden has a web add-on that locally caches all passwords it updates it provides updates or tracks updates to your passwords that can be done when the bitwarden server comes back up in the event that the bit warden server is down so you don't have to worry if your server's down you still have access to your passwords each user has the option to export a copy of their own personal vault to a file and password vaults can be imported to one or more bit warden servers in addition to that you can actually import a password vault from one of the other commercial password managers into bitwarden to get a good starting point only the server that you're logged into on bitwarden is the one that will track the changes and bit warden clients exist for all major web browsers as web add-ins they exist for all major operating systems linux mac os windows and so on as well as android and ios for mobile compatibility okay now we're going to go ahead and install docker i have here alexi instance of ubuntu 2004 this could just as well be a virtual machine or it could also be a bare metal server so i'm going to start by installing docker and i've already got docker installed on this machine but there's the curl command to install docker i'll include it in the notes in the show notes next thing i want to do is i want to do a sudo su become super user and the next thing i want to do after that is add a user for bit warden called bit warden and then i want to add bit warden to the docker group so that bit warden can do docker commands unprivileged and then i want to go ahead and create a bit warden directory for the bit warden user and then i want to change the ownership of the directory that i just created to be owned by the bitwarden user and then i want to install docker compose so i'll do a sudo apt install docker dash compose i guess if i was smart here i would have not had to put the pseudo command button in because i did sudo from the front end but no matter okay next thing we want to do is a pseudo apt install curl turns out curl is already on this particular system next thing i want to do is i want to sudo over to the or su over to the bit warden account so i can become the bit warden user you can see there i have a bit warden at bit warden dash test which means i'm the bit warden user next thing i want to do is go get the bit warden install script with the w gap the next thing i want to do is change the script that i just downloaded to have execute privilege and finally i want to go off and execute the script so we do an ls there's the script so to install bit warden i want to do a dot slash bit warden dot sh space install it will come up and ask me for the domain name for my bit warden instance and i'm going to call it passwords dot scatterbyte dot com so it's important to have made this entry in your dns service provider first off so that you have a password up there i mean you have a a a domain name up there so mine's passwords.scottabyte.com your yours will be different and want to know if i want a free ssl certificate from let's encrypt the answer is yes enter your email address so i'm going to enter vms man at scottabyte.com and it's going off and pulling down the docker instance and doing the installation they want to know the database name for the instance so i'll just call it i'll just call it vault which is their suggestion you can call your database instance anything you want it's pulling down a second docker instance for the database and now it wants to know what the installation id is and that's where we have to go out to bitwarden.com host so here's the website bitwarden.com forward slash host i'm going to go ahead and enter vms man at scottabyte.com which is what i did i did a submit and then they give you an installation id and an installation key so if we go down here to the installation they will be asking me for my installation id to begin with this is going to be unique for every installation of bitwarden that you do so i'm going to drop my installation key in here and then it's going to ask me for an installation key and i paste the installation key in here now it's going to go out and generate an encryption key and it's done now in order to start the completed bit warden server we want to put in dot slash bit warden dot sh start just like they say and it's going to start the containers that have been configured it'll go look for a refresh as it begins okay now that the product is completely installed you'll notice a note at the end of this in order to upgrade to newer versions of bit warden you can always perform a dot bit warden dot sh update self in other words you go ahead and run this update script and it'll update the newest version and then after that you do a dot slash bit warden dot sh update so those two commands anyway we're not quite done being configured the other thing that we want to do is we want to go edit this file um it's called the override file and you want to go down here and you want to set a few values so the values that are important to set are the one for the male smtp uh host the male smtp port the mail smtp ssl if you're going to be ssl the username and the password okay so those are the basically the four things or the five things that you want to set and once you've set those then you want to go off and save your file i've got some previous videos that talk about how to set up mail for self-hosted applications now that we've made the changes to the environment file we're going to need to restart the bitwarden server and we're going to do that with a bit warden running the bitwarden script with the restart switch so here's the restart switch and once again it's going to go out and repeat bringing the containers back up making sure everything is fine so now i can go ahead and log off of my bit warden account i can log off of my root account that i logged in with and i can log off on my bit warden test server okay now i went to passwords.skatabite.com you can see the main page for bit warden we're going to be going off and saying create an account and once we create an account we'll have the email address your name pass master password they'll have you re-type the master password and a hint you have to remember that master password because basically there's no way to get it back anyway that's basically it to creating an account and getting started with it so in summary you can do a lot more with bit warden and what i've done here obviously bit warden's a great open source password manager bill warden tracks credentials for websites including user names passwords and even two-factor authentication keys so you wouldn't have to use something like google authenticator bit warden can also store credit card and passport information and bitwarden can be exported and imported for backup anyway that's all for today and uh if you like what you see please subscribe and like and we'll see you next time [Music] [Applause] [Music] you

Info

Channel: Scotti-BYTE Enterprise Consulting Services

Views: 69

Rating: undefined out of 5

Keywords:

Id: mWlMzfGhn9s

Channel Id: undefined

Length: 15min 37sec (937 seconds)

Published: Tue Oct 19 2021