Fully support keepassxc-cli options #1047

New issue

Closed

opened 2025-03-27 12:46:04 +00:00 by aledeg · 11 comments

aledeg commented 2025-03-27 12:46:04 +00:00

Copy link

What I'd like to do and why

TL;DR: Add support for --key-file and --yubikey while using keepassxc for credentials

---

I have my passwords stored in a keepassxc file and I want to use those directly with borgmatic. Unfortunately, I cannot retrieve them since I am using a key file on top of my master password.

I've ran the keepassxc-cli with the --key-file option to validate that I can access my keepassxc file from the command line and it's working fine.
I've ran my borgmatic script with the secret stored in my keepassxc file and it's working fine.
I've checked the keepassxc.py file and I could not find a way to add options while invoking the CLI program.

Is there something I am missing?

I also want to use a yubikey in the future. It would be nice if the --yubikey option is also supported.

Other notes / implementation ideas

No response

### What I'd like to do and why **TL;DR**: Add support for `--key-file` and `--yubikey` while using keepassxc for credentials ----- I have my passwords stored in a keepassxc file and I want to use those directly with borgmatic. Unfortunately, I cannot retrieve them since I am using a key file on top of my master password. I've ran the keepassxc-cli with the `--key-file` option to validate that I can access my keepassxc file from the command line and it's working fine. I've ran my borgmatic script with the secret stored in my keepassxc file and it's working fine. I've checked the keepassxc.py file and I could not find a way to add options while invoking the CLI program. Is there something I am missing? I also want to use a yubikey in the future. It would be nice if the `--yubikey` option is also supported. ### Other notes / implementation ideas _No response_

witten commented 2025-03-28 19:51:37 +00:00

Owner

Copy link

Thanks for filing this... These seem like reasonable additions to me! In the meantime, try something like this:

keepassxc:
    keepassxc_cli_command: keepassxc-cli --key-file /path/to/your/keyfile

Thanks for filing this... These seem like reasonable additions to me! In the meantime, try something like this: ```yaml keepassxc: keepassxc_cli_command: keepassxc-cli --key-file /path/to/your/keyfile ```

witten added the

good first issue

label 2025-03-28 19:51:42 +00:00

witten commented 2025-03-28 20:03:33 +00:00

Owner

Copy link

FYI it looks like your email provider is blocking emails from projects.torsion.org, so if you're not receiving ticket notifications, that's why.

FYI it looks like your email provider is blocking emails from projects.torsion.org, so if you're not receiving ticket notifications, that's why.

👍 1

aledeg commented 2025-03-28 21:28:52 +00:00

Author

Copy link

Thanks for filing this... These seem like reasonable additions to me! In the meantime, try something like this:

keepassxc:
    keepassxc_cli_command: keepassxc-cli --key-file /path/to/your/keyfile

I'll give it a try later. Thank you for considering that.

> Thanks for filing this... These seem like reasonable additions to me! In the meantime, try something like this: > > ```yaml > keepassxc: > keepassxc_cli_command: keepassxc-cli --key-file /path/to/your/keyfile > ``` I'll give it a try later. Thank you for considering that.

👍 1

aledeg commented 2025-03-28 21:41:08 +00:00

Author

Copy link

Thanks for filing this... These seem like reasonable additions to me! In the meantime, try something like this:

keepassxc:
    keepassxc_cli_command: keepassxc-cli --key-file /path/to/your/keyfile

I've tried that and it does not work. The order of the argument is not render in a way that is understood by the cli tool.
I have something like the following

keepassxc-cli --key-file </path/to/key> show --show-protected --attributes Password </path/to/safe> <attribute>

With this syntax, here is the error generated Invalid command </path/to/key>

> Thanks for filing this... These seem like reasonable additions to me! In the meantime, try something like this: > > ```yaml > keepassxc: > keepassxc_cli_command: keepassxc-cli --key-file /path/to/your/keyfile > ``` I've tried that and it does not work. The order of the argument is not render in a way that is understood by the cli tool. I have something like the following ``` keepassxc-cli --key-file </path/to/key> show --show-protected --attributes Password </path/to/safe> <attribute> ``` With this syntax, here is the error generated `Invalid command </path/to/key>`

aledeg commented 2025-03-28 21:41:45 +00:00

Author

Copy link

FYI it looks like your email provider is blocking emails from projects.torsion.org, so if you're not receiving ticket notifications, that's why.

I know, I've had hard time to validate my email when creating my account.

> FYI it looks like your email provider is blocking emails from projects.torsion.org, so if you're not receiving ticket notifications, that's why. I know, I've had hard time to validate my email when creating my account.

😕 1

witten commented 2025-03-28 23:15:52 +00:00

Owner

Copy link

I've tried that and it does not work. The order of the argument is not render in a way that is understood by the cli tool.

Ah that's unfortunate! I guess this ticket really needs to be implemented for this functionality to work.

> I've tried that and it does not work. The order of the argument is not render in a way that is understood by the cli tool. Ah that's unfortunate! I guess this ticket really needs to be implemented for this functionality to work.

❤️ 1

gautamaggarwal2810 commented 2025-03-29 12:29:30 +00:00

Contributor

Copy link

I would like to work on this issue!!

I would like to work on this issue!!

🎉 1

witten commented 2025-03-29 16:14:23 +00:00

Owner

Copy link

Sounds good! It's hopefully pretty straightforward, but please let me know if you have any questions along the way.

Sounds good! It's hopefully pretty straightforward, but please let me know if you have any questions along the way.

gautamaggarwal2810 referenced this issue 2025-03-30 14:11:31 +00:00

Fully support keepassxc-cli options #1047 #1049

witten referenced this issue from a commit 2025-04-03 18:28:10 +00:00

Add "key-file" and "yubikey" options to KeePassXC credential hook (#1047).

witten commented 2025-04-03 18:29:56 +00:00

Owner

Copy link

This is now implemented in main by @gautamaggarwal2810 and will be part of the next release!

This is now implemented in main by @gautamaggarwal2810 and will be part of the next release!

❤️ 1

witten closed this issue 2025-04-03 18:29:57 +00:00

witten referenced this issue from a commit 2025-04-03 18:42:49 +00:00

Fix KeePassXC error when "keepassxc:" option is not present, add new options to NEWS (#1047).

aledeg commented 2025-04-03 20:51:12 +00:00

Author

Copy link

Great! Thank you for that.

Great! Thank you for that.

witten commented 2025-04-06 15:43:22 +00:00

Owner

Copy link

Released in borgmatic 2.0.0!

Released in borgmatic 2.0.0!

🎉 1

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

bootstrap-multiple-latest-archives

parallel-borgmatic

command-hook-steps

2.1.6

2.1.5

2.1.4

2.1.3

2.1.2

2.1.1

2.1.0

2.0.13

2.0.12

2.0.11

2.0.10

2.0.9

2.0.8

2.0.7

2.0.6

2.0.5

2.0.4

2.0.3

2.0.2

2.0.1

2.0.0

1.9.14

1.9.13

1.9.12

1.9.11

1.9.10

1.9.9

1.9.8

1.9.7

1.9.6

1.9.5

1.9.4

1.9.3

1.9.2

1.9.1

1.9.0

1.8.14

1.8.13

1.8.12

1.8.11

1.8.10

1.8.9

1.8.8

1.8.7

1.8.6

1.8.5

1.8.4

1.8.3

1.8.2

1.8.1

1.8.0

1.7.15

1.7.14

1.7.13

1.7.12

1.7.11

1.7.10

1.7.9

1.7.8

1.7.7

1.7.6

1.7.5

1.7.4

1.7.3

1.7.2

1.7.1

1.7.0

1.6.6

1.6.5

1.6.4

1.6.3

1.6.2

1.6.1

1.6.0

1.5.24

1.5.23

1.5.22

1.5.21

1.5.20

1.5.19

1.5.18

1.5.17

1.5.16

1.5.15

1.5.14

1.5.13

1.5.12

1.5.11

1.5.10

1.5.9

1.5.8

1.5.7

1.5.7.dev0

1.5.6

1.5.5

1.5.4

1.5.3

1.5.2

1.5.1

1.5.0

1.4.22

1.4.21

1.4.20

1.4.19

1.4.18

1.4.17

1.4.16

1.4.15

1.4.14

1.4.13

1.4.12

1.4.11

1.4.10

1.4.9

1.4.8

1.4.7

1.4.6

1.4.5

1.4.4

1.4.3

1.4.2

1.4.1

1.4.0

1.3.26

1.3.25

1.3.24

1.3.23

1.3.22

1.3.21

1.3.20

1.3.19

1.3.18

1.3.17

1.3.16

1.3.15

1.3.14

1.3.13

1.3.12

1.3.11

1.3.10

1.3.9

1.3.8

1.3.7

1.3.6

1.3.5

1.3.4

1.3.3

1.3.2

1.3.1

1.3.0

1.2.18

1.2.17

1.2.16

1.2.15

1.2.14

1.2.13

1.2.12

1.2.11

1.2.10

1.2.9

1.2.8

1.2.7

1.2.6

1.2.5

1.2.4

1.2.3

1.2.2

1.2.1

1.2.0

1.1.15

1.1.14

1.1.13

1.1.12

1.1.11

1.1.10

1.1.9

1.1.7

1.1.6

1.1.5

1.1.4

1.1.3

1.1.2

1.1.1

1.1.0

1.0.3

1.0.2

1.0.1

1.0.0

0.1.8

0.1.7

0.1.6

0.1.5

0.1.4

0.1.3

0.1.2

0.1.1

0.1.0

0.0.7

0.0.6

0.0.5

0.0.4

0.0.3

0.0.2

Labels

Clear labels   

blocked

  

breaking

  

bug

  

data loss

  

design finalized

  

good first issue

  

new feature area

  

question / support

  

security

  

waiting for response

No labels

blocked

breaking

bug

data loss

design finalized

good first issue

new feature area

question / support

security

waiting for response

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

3 participants

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

borgmatic-collective/borgmatic#1047

No description provided.