SysPass是一个密码管理器,允许用户在中央加密位置安全地存储和管理他们的密码和其他敏感信息。它使用加密和哈希算法的组合来保护用户数据,并提供一系列功能,例如密码生成、自动登录和密码共享。SysPass是开源软件,这意味着其代码是公开可用的,并且可以由任何人出于安全目的进行审核。它的设计易于使用,可以从任何具有互联网连接的设备访问。
在 Ubuntu 22.04 LTS 上安装 sysPass 密码管理器 Jammy Jellyfish
第 1 步。首先,通过在终端中运行以下命令,确保所有系统软件包都是最新的。apt
<span class="pln">sudo apt update sudo apt upgrade</span>
第 2 步。在 Ubuntu 22.04 上安装 LAMP 堆栈。
在开始本教程之前,必须在服务器上安装 LAMP 服务器。如果您没有安装 LAMP 堆栈,您可以按照我们的指南进行操作。
第 3 步。在 Ubuntu 22.04 上安装 sysPass 密码管理器。
默认情况下,sysPass 在 Ubuntu 22.04 基本存储库上不可用。现在运行以下命令,从 Ubuntu 系统的 Git 存储库下载最新的稳定版 sysPass:
<span class="pln">git clone https</span><span class="pun">:</span><span class="com">//github.com/nuxsmin/sysPass.git</span>
接下来,将下载的目录移动到 Apache Web 根目录:
<span class="pln">mv sysPass </span><span class="pun">/</span><span class="kwd">var</span><span class="pun">/</span><span class="pln">www</span><span class="pun">/</span><span class="pln">html</span><span class="pun">/</span><span class="pln">syspass</span>
我们需要更改一些文件夹权限:
<span class="pln">chown </span><span class="pun">-</span><span class="pln">R www</span><span class="pun">-</span><span class="pln">data</span><span class="pun">:</span><span class="pln">www</span><span class="pun">-</span><span class="pln">data </span><span class="pun">/</span><span class="kwd">var</span><span class="pun">/</span><span class="pln">www</span><span class="pun">/</span><span class="pln">html</span><span class="pun">/</span><span class="pln">syspass
chmod </span><span class="lit">750</span> <span class="pun">/</span><span class="kwd">var</span><span class="pun">/</span><span class="pln">www</span><span class="pun">/</span><span class="pln">html</span><span class="pun">/</span><span class="pln">syspass</span><span class="pun">/</span><span class="pln">app</span><span class="pun">/{</span><span class="pln">config</span><span class="pun">,</span><span class="pln">backup</span><span class="pun">}</span>
完成后,我们需要在您的系统上安装作曲家:
<span class="pln">nano </span><span class="pun">/</span><span class="kwd">var</span><span class="pun">/</span><span class="pln">www</span><span class="pun">/</span><span class="pln">html</span><span class="pun">/</span><span class="pln">syspass</span><span class="pun">/</span><span class="pln">install</span><span class="pun">-</span><span class="pln">composer</span><span class="pun">.</span><span class="pln">sh</span>
添加以下行:
<span class="com">#!/bin/sh</span><span class="pln">
EXPECTED_SIGNATURE</span><span class="pun">=</span><span class="str">"$(wget -q -O - https://composer.github.io/installer.sig)"</span><span class="pln">
php </span><span class="pun">-</span><span class="pln">r </span><span class="str">"copy('https://getcomposer.org/installer', 'composer-setup.php');"</span><span class="pln">
ACTUAL_SIGNATURE</span><span class="pun">=</span><span class="str">"$(php -r "</span><span class="pln">echo hash_file</span><span class="pun">(</span><span class="str">'sha384'</span><span class="pun">,</span> <span class="str">'composer-setup.php'</span><span class="pun">);</span><span class="str">")"</span>
<span class="kwd">if</span> <span class="pun">[</span> <span class="str">"$EXPECTED_SIGNATURE"</span> <span class="pun">!=</span> <span class="str">"$ACTUAL_SIGNATURE"</span> <span class="pun">]</span>
<span class="kwd">then</span>
<span class="pun">>&</span><span class="lit">2</span><span class="pln"> echo </span><span class="str">'ERROR: Invalid installer signature'</span><span class="pln">
rm composer</span><span class="pun">-</span><span class="pln">setup</span><span class="pun">.</span><span class="pln">php
</span><span class="kwd">exit</span> <span class="lit">1</span>
<span class="kwd">fi</span><span class="pln">
php composer</span><span class="pun">-</span><span class="pln">setup</span><span class="pun">.</span><span class="pln">php </span><span class="pun">--</span><span class="pln">quiet
RESULT</span><span class="pun">=</span><span class="pln">$</span><span class="pun">?</span><span class="pln">
rm composer</span><span class="pun">-</span><span class="pln">setup</span><span class="pun">.</span><span class="pln">php
</span><span class="kwd">exit</span><span class="pln"> $RESULT</span>
保存并关闭文件,然后运行 Composer 安装脚本:
<span class="pln">cd </span><span class="pun">/</span><span class="kwd">var</span><span class="pun">/</span><span class="pln">www</span><span class="pun">/</span><span class="pln">html</span><span class="pun">/</span><span class="pln">syspass</span><span class="pun">/</span><span class="pln"> sh install</span><span class="pun">-</span><span class="pln">composer</span><span class="pun">.</span><span class="pln">sh</span>
接下来,运行以下命令以安装所有必需的 PHP 依赖项:
<span class="pln">php composer</span><span class="pun">.</span><span class="pln">phar install </span><span class="pun">--</span><span class="kwd">no</span><span class="pun">-</span><span class="pln">dev</span>
第 4 步。配置 MariaDB for sysPass。
默认情况下,MariaDB 未强化。您可以使用脚本保护 MariaDB。您应该仔细阅读并在每个步骤下方仔细阅读,这将设置root密码,删除匿名用户,禁止远程root登录,并删除测试数据库和对安全MariaDB的访问权限:mysql_secure_installation
<span class="pln">mysql_secure_installation</span>
像这样配置它:
<span class="pun">-</span> <span class="typ">Set</span><span class="pln"> root password</span><span class="pun">?</span> <span class="pun">[</span><span class="pln">Y</span><span class="pun">/</span><span class="pln">n</span><span class="pun">]</span><span class="pln"> y </span><span class="pun">-</span> <span class="typ">Remove</span><span class="pln"> anonymous users</span><span class="pun">?</span> <span class="pun">[</span><span class="pln">Y</span><span class="pun">/</span><span class="pln">n</span><span class="pun">]</span><span class="pln"> y </span><span class="pun">-</span> <span class="typ">Disallow</span><span class="pln"> root login remotely</span><span class="pun">?</span> <span class="pun">[</span><span class="pln">Y</span><span class="pun">/</span><span class="pln">n</span><span class="pun">]</span><span class="pln"> y </span><span class="pun">-</span> <span class="typ">Remove</span><span class="pln"> test database </span><span class="kwd">and</span><span class="pln"> access to it</span><span class="pun">?</span> <span class="pun">[</span><span class="pln">Y</span><span class="pun">/</span><span class="pln">n</span><span class="pun">]</span><span class="pln"> y </span><span class="pun">-</span> <span class="typ">Reload</span><span class="pln"> privilege tables now</span><span class="pun">?</span> <span class="pun">[</span><span class="pln">Y</span><span class="pun">/</span><span class="pln">n</span><span class="pun">]</span><span class="pln"> y</span>
接下来,我们需要登录到 MariaDB 控制台并为 sysPass 创建一个数据库。运行以下命令:
<span class="pln">mysql </span><span class="pun">-</span><span class="pln">u root </span><span class="pun">-</span><span class="pln">p</span>
这将提示您输入密码,因此请输入您的MariaDB root密码并按Enter键。登录到数据库服务器后,您需要为sysPass安装创建一个数据库:
<span class="typ">MariaDB</span> <span class="pun">[(</span><span class="pln">none</span><span class="pun">)]></span><span class="pln"> create database syspassdb</span><span class="pun">;</span> <span class="typ">MariaDB</span> <span class="pun">[(</span><span class="pln">none</span><span class="pun">)]></span><span class="pln"> grant all privileges on syspassdb</span><span class="pun">.*</span><span class="pln"> to syspassuser@localhost identified </span><span class="kwd">by</span> <span class="str">"your-strong-password"</span><span class="pun">;</span> <span class="typ">MariaDB</span> <span class="pun">[(</span><span class="pln">none</span><span class="pun">)]></span><span class="pln"> flush privileges</span><span class="pun">;</span> <span class="typ">MariaDB</span> <span class="pun">[(</span><span class="pln">none</span><span class="pun">)]></span> <span class="kwd">exit</span><span class="pun">;</span>
第5步。为 sysPass 配置 Apache 。
现在我们创建一个 Apache 虚拟主机配置:
<span class="pln">nano </span><span class="pun">/</span><span class="pln">etc</span><span class="pun">/</span><span class="pln">apache2</span><span class="pun">/</span><span class="pln">sites</span><span class="pun">-</span><span class="pln">available</span><span class="pun">/</span><span class="pln">syspass</span><span class="pun">.</span><span class="pln">conf</span>
添加以下行:
<span class="tag"><VirtualHost</span><span class="pln"> *:80</span><span class="tag">></span><span class="pln"> ServerAdmin admin@example.com DocumentRoot "/var/www/html/syspass" ServerName your-domain.com </span><span class="tag"><Directory</span> <span class="atv">"/var/www/html/syspass/"</span><span class="tag">></span><span class="pln"> Options MultiViews FollowSymlinks AllowOverride All Order allow,deny Allow from all </span><span class="tag"></Directory></span><span class="pln"> TransferLog /var/log/apache2/syspass_access.log ErrorLog /var/log/apache2/syspass_error.log </span><span class="tag"></VirtualHost></span>
保存并关闭文件,然后重新启动 Apache Web 服务器,以便进行更改:
<span class="pln">sudo a2ensite syspass sudo a2enmod rewrite sudo systemctl restart apache2</span>
第 6 步。配置防火墙。
现在,我们使用 sysPass 设置了一个简单防火墙 (UFW),以允许在默认 Web 端口 80 上进行公共访问:
<span class="pln">sudo ufw allow </span><span class="typ">OpenSSH</span><span class="pln"> sudo ufw allow </span><span class="str">'Apache Full'</span><span class="pln"> sudo ufw enable</span>
步骤 7.访问 sysPass 密码管理器 Web 界面。
成功安装后,现在打开 Web 浏览器并使用 URL 访问 sysPass 管理界面。您将被重定向到以下页面:http://your-domain.com
感谢您使用本教程在 Ubuntu 22.04 LTS Jammy Jellyfish 系统上安装 sysPass 密码管理器。有关其他帮助或有用信息,我们建议您查看 sysPass 网站。
