I’d like to host the database of an opensource password management program called KeePass on my NextCloud server Is such a thing possible? Like my files, I will be the sole owner of my most important data; passwords. Then I can reach them from any device anywhere.
I suppose it’s a simple file. That should be possible.
There is even a password manager in development for NC:
I think there’s already a keepass app also.
I use the Nextcloud-hosted Keepass database together with the corresponding apps on laptop and smartphone without any problems.
There’s an app to use the database within Nextcloud: Keeweb integration
KeePass has a sync function, that writes the database to the cloud storage of your choice. If syncing is what you would like to do, then I suggest to read the docs on the KeePass website about syncing and also about triggers (without triggers, there is no automatic syncing after saving the changes).
If you rather want to simply open the password vault from Nextcloud and don’t have it stored on your local device at all, I’m not sure if that’s possible. I guess you need an app at least then.
For myself I prefer the sync method, because even if the server is not reachable for any reason, I can still access my passwords even if one or two passwords are probably outdated (depending on how long the NC’s outage lasts).
Thank you tflidd. It’s nice to know that there will be an application for Nextcloud for this purpose.
Thank you very much. I implemented it right away. I imported the kdbx file from teh Desktop KeePAss program to xml format then opened it under the keeweb app in Nextcloud. Now, I can see all teh imported passords under Nextcloud GUI nicely. Now I have been trying to access it from the iKeePass app in my iPhone. This app allows to have webServer and HTTP download options. Only for the later option I can enter the URL of my kdbx database file which I am not sure where it is? So how am I going to configure the iKepass so that it can access the KeePAss database hosted by Nextcloud?
Also I am not sure if the keeweb app syncs automatically when a new password is added or edited on the iPhone? Thank you again for your help.
I sync .kbx files for month with Nextcloud without any problems. Put the .kbx in your cloud and open it natively with :
KeepassX on Desktop (Windows, MacOS) : https://www.keepassx.org/
KeepassDroid on Android : https://f-droid.org/repository/browse/?fdfilter=keepass&fdid=com.android.keepass
Minikeepass on iPhone (not open-source)
all works with password & key file (you can use an image out of the cloudbox) for further security …
Hi, I would like to open this topic again since I’m struggling with getting this to work.
I’m running nextcloud with nginx behind a VPN (FritzBox) and are able to use the android nextcloud app to connect to nextcloud. I was also able to “import” an existing Keepass.kdbx file into the nextcloud App Keeweb. But with this I was not able to open it with my android Keepass app.
So I moved the *.kdbx file to a folder in nextcloud and wanted to open it with WebDAV. But I’m not able to do so. I receive error messages. What I tried is to connect with an alternative WebDAV app (solid explorer). But I also receive an error without any details.
Do you have any ideas what I can do to get this work. And maybe what I can do to get a “real” error code?
Yeah, the Keeweb app isn’t as good as I’d hoped. You’re better off simply syncing your kdbx file and using separate apps on your desktop and mobile.
I’d originally assumed you could point Keeweb to the kdbx file that I was already using, and that way I would have one single file that I could use anywhere, including via the web interface.
You can’t. Keeweb will hold a separate kdbx file that can’t be synced anywhere. I tried it, and fell back to simply syncing the kdbx between my laptop, desktop, and mobile. Much easier.
Hopefully Keeweb will get improved functionality in the future. It’s a great concept, but it’s not yet very useful outside of a few fringe cases.
You might be better off simply syncing the kdbx via the Nextcloud mobile or desktop app, then opening the file in the appropriate Keepass app (e.g. Keepassdroid).
As I said, I really like the idea, but it’s not there yet. I’m hoping the Keeweb dev won’t give up and will improve the functionality in the future.
Call me crazy … But I tried everything. WebDAV, Keeweb etc. But now i figured out that open it directly in the nextcloud android app works. I’m sure I tried it before but maybe did not. Seems to work now.
I need to correct me. Open the database once is possible but twice or saving not. I dont want to download and upload the kdbx file every time manually. Is there no other way oft doing this?
I’m not sure what you mean by this. WebDAV is a protocol, so you’d still need an appropriate webDAV client to access the file. (The key word there is appropriate.)
I hadn’t heard of Solid Explorer, so I looked it up - While it appears to support webDAV and support mainstream cloud services (onedrive, dropbox, etc), I’m not sure it’s geared towards remote editing of files in Nextcloud. As I said, webDAV is a protocol (an extension of HTTP), so the fact an app speaks the protocol doesn’t always mean it knows how to use it with the server. I speak English, but that doesn’t mean I understand everything Richard Feynman said.
I’d stick with apps that are designed to work with Nextcloud (or ownCloud).
This works fine in the browser using Keeweb for me. Of course, then the kdbx file can’t be synced anywhere else. Not sure why you couldn’t open it twice using the Nextcloud Android app. Opening it once means the file was downloaded. From there, you only need to download again if the file on the server changes.
When you use the Nextcloud Android app, it’s actually downloading the file. You don’t need to download it each time, because once downloaded, it stays on the phone. You only need to re-download if you change the file on the server. If you change the file on your phone, then you need to upload it to the server.
Any app that accesses the kdbx file is basically downloading it, even if that download is hidden from you in a cache or temp folder. This is the same as how your browser downloads webpages/images in order to display them - they’re kept in temp folders and caches. The main difference is that people generally don’t edit webpages for re-uploading.
You should give the latest dev client a try. It’s has massively improved uploading/downloading functionality. It may better fit how you want to use your phone.
And that is what I dont want to do. I use Keepass2Android on my phone and the APP offers a lot of options where the app loads and syncs the *.kdbx file automatically with the file on the server by opening and storing. So where I don’t need to work with the nextcloud APP additionally. The APP even offers WebDAV (http) and WebDAV (https) but I dont get this running.
Do you know a Android APP which works where I could test to access the file or folder to test that WebDAV works well?
Then I’m not sure what you’re after. If the app downloads and uploads for you, then downloading and uploading is still happening, it’s just hidden from you.
The Nextcloud Android app! That works via webDAV, and so does the Nextcloud desktop app. So does the web interface, when you’re uploading and downloading or using certain server apps*.
WebDAV is a protocol that is used to create a communication framework. Each webDAV project can create their own incompatible framework using webDAV, which is why you’re better off sticking with apps that are Nextcloud specific (or writing your own with Nextcloud in mind).
For example, over the last year Nextcloud has diverged from ownCloud to the point that some client and server apps work with both NC and OC, but others don’t. I was just having a discussion in the ownCloud forum where a guy was trying to make the Nextcloud Bookmarks app work with ownCloud, but couldn’t (he just gets a blank page). Yet I’m able to get ownCloud server apps like Mozilla Sync 1.4 working just fine in Nextcloud.
In F-Droid, I searched for “nextcloud” to get a decently long list of Android apps to play with. I also tried “owncloud” because many of them still work with Nextcloud.
I hope I’ve been somewhat helpful! Let me know if I’ve still been too unclear.
*apps. After proof-reading my post, I noticed I’m clumsy when using the word app. I’m having trouble distinguishing client apps (like the Nextcloud Android app) from server apps (like Keeweb). I’ve rephrased a few things I said to be clearer, and I’m sorry if I’ve still been vague!
I’m simple not able to set the app to do this. I got error messages but without any additional information. So I’m not really able to figure out why it’s not working.
I can’t get this to work either.
I’m trying to do the following:
- On my desktop, I store my keepass.kdbx file in my Nextcloud folder so all changes are automatically saved in Nextcloud
- On my android device, I open keepass (I’m using Keepass DX but it seems to be the same for all keypass clients)
- I navigate to to Nextcloud (firstname.lastname@example.org) -> Passwords -> Passwords.kdbx
- I enter my password
- All is great.
- Then, I try to open my keypass program a second time and instead of showing me the name of my database, it says: 21 and when I try to open it I get: “File not found”
My conclusion: Nextcloud provides some kind of virtual file system for apps like Keepass. And, this virtual file system does not persist.
I think the best answer is to copy the keepass database from Nextcloud to the local android file system. Then, if I make a change on the android, copy it back. And, if I make a change on my desktop, I have to copy it from android to the local file system.
Ah - problem solved. Keepass2Android via google play does support opening a keepass database via “ownCloud” (which also works with Nextcloud). If you select ownCloud when opening your database then it all works :).
But KeepassDX and apparently some other clients don’t offer native webdav/ownCloud/Nextcloud support.
Thnx DarkSteve, I suddenly had trouble with KeepassXC Android clients, not able to sync with the URL provided to the Nextcloud profile inside the Keepass app. When I chose “use filesystem file browser” and pointed there to the Nextcloud folder, it worked flawlessly.
After that I also could close the firewall ports for the KeepassXC client, since it syncs through the Nextcloud sync client. Excellent!