Add Password manager by default

fpm2 has been removed from Debian stretch. ( https://packages.debian.org/search?searchon=names&keywords=fpm2 )

Reason… Quote https://ftp-master.debian.org/removals.txt

[Date: Thu, 30 Apr 2015 12:15:11 +0000] [ftpmaster: Scott Kitterman]
Removed the following packages from unstable:

  fpm2 |     0.79-3 | source, amd64, arm64, armel, armhf, i386, kfreebsd-amd64, kfreebsd-i386, mips, mipsel, powerpc, ppc64el, s390x, sparc
  fpm2 |  0.79-3+b1 | hurd-i386

Closed bugs: 783762

------------------- Reason -------------------
ROM; obsolete, low popcon, dead upstream, better alternatives

Also closing bug(s): 542174 609686 647440
Also closing WNPP bug(s): 752392

It won’t come back. Looks like.

So it’s either no password manager installed by default for Debian stretch based Whonix or another one. Suggestions welcome.

A good replacement s Schneier’s passwordsafe but its only available in Stretch and Sid.



We can wait quite some time for it to enter stretch.

What is command line to install KeePass?
sudo apt-get install keepass2 it doesnt work.

"same as in Debian"

KeePass’ reaction to a MITM bug report against its Update Check:


8.2.2016 @ 15:45: Received response from Dominik Reichl: The vulnerability will not be fixed. The indirect costs of switching to HTTPS (like lost advertisement revenue) make it a inviable solution.

I don’t feel comfortable using software whose developers’ priorities are so twisted.


Good day,

That doesn’t even make sense considering the fact that, aside from apparently having their priorities quite wrong, they seemingly never considered the abundance of solutions, like hosting the downloads on different, secure servers like Putty does or simply waiting a few months until every advertiser uses HTTPS as it is starting to become more and more affordable, as well as enforced by Google…

This reaction really makes them seem both untrustworthy, as well as (at least seemingly) not willing to provide the product they claim to provide.

Have a nice day,


1 Like

I just wanted to add that the current version (2.0.2) of KeePassX is available in jessie-backports since March (2016) and the bug report Patrick mentioned has been closed last year (2015).

@Occq are you still with us, still interested in this?

Can you add this please to the wiki page? ( https://www.whonix.org/wiki/Dev/Password_Manager )

Can you also please make a mention / stub about passwordsafe?


My experience:

KeePass 2 - Bloated with mono dependencies and poor UI under Linux

KeePassX 0.43 - Works decently, tried and tested, but barebones, imports have issues, headed toward deprecation

KeePassX 2.0.2 - Works, less bloated than KeePass 2, but has issues interacting with virtual machines (when used on host) that were not present in 0.43, forced one-way import of KeePassX 0.43 databases, some small UI issues

KeePassX 2 seemed like the only way forward but the issues with VM interaction (auto-type) sent me back to 0.43.

Saw PasswordSafe in sid but didn’t give it a chance.

I don’t use auto-type, but the awful UI sent me back to 0.43. In a non-networked vm, 0.43 seems “good enough”. Will give Passwordsafe a go - Schneier’s brand should give it some activity.

Passwordsafe 0.98.1BETA (2016-04) is available in jessie-backports:

Fully featured, extensive options. Tree View UI is somewhat lacking IMO.

1 Like

Agreed. There are sufficient options, but tree view displays information very poorly and with no icons, clearly inferior to KeepassX. Double-click is unreliable depending on the action you have it set to (probably a bug).

The dragbar is a nice feature, but I haven’t put the auto-type or copy paste features through their paces to know if they’re reliable (for my own needs). Apart from deprecation this (functional auto-type) would be the only incentive I have to use (rather, move to) passwordsafe.

The dragbar is quite useful within a guest VM for quick copying fields without keyboard. But it can’t copy from host to guest (N/A for Whonix itself).

The Auto-Type only works from host to guest (N/A for Whonix itself) if you select the “Use alternate auto-type” in the options. With it enabled, it does not appear to choke the way KeePassX2 does (but only tried it only now; was running it in a guest only before).

Wait a second-

I see no option to use keyfiles in passwordsafe to open databases (forgot about this). That might be a deal-breaker. Both KeePassX and Figaro supported them.

… aaaaaaaand now the wxwidgets-based UI is becoming unresponsive and I have to kill -9 it (running in Whonix Workstation again; best I can describe is all the buttons stopped working). That went downhill fast. (or this is not my day)

Well, for myself it appears I’m going to get stuck with KeepassX 2 once 0.43 expires, despite auto-type and other issues which seem dead in the water (but perhaps it’ll pick up by the time Stretch hits?): https://www.keepassx.org/dev/projects/keepassx/issues?set_filter=1&tracker_id=1

I am not so sure Whonix would do better with PasswordSafe in its current state either. You get a dragbar but lose keyfiles and decent tree view, and add whatever else just happened.

Hello,are you going to choose another password manager? Maybe you can try password manager Password Manager
it is worldwide use and reliable, it is free now and you can have a try also can make a conparison.

@entr0py removed link to spam/ad/frivolous product.


Maybe you can try password manager Password Manager
it is worldwide use and reliable, it is free now and you can have a try also can make a conparison.

Not Libre Software. Cannot include.

[Imprint] [Privacy Policy] [Cookie Policy] [Terms of Use] [E-Sign Consent] [DMCA] [Contributors] [Investors] [Priority Support] [Professional Support]