KeePassXC-Browser-ის მიმოხილვები
KeePassXC-Browser ავტორი KeePassXC Team
მიმომხილველი aWalker
2 შეფასება 5-დან
მიმომხილველი aWalker, 6 წლის წინIt's really a convenience to use this add-on with KeePassXC. But, there been an issue that has been raised several months back :
In my case
Firefox 83
KeePassXC-Browser 1.7.3
Ubuntu 20.04 LTS
`keepassxc-proxy` makes tcp connections to remote servers over internet & transfers data(with 36+ KB/s speed) without user permission under Linux root privileges.
tcp 0 0 192.168.42.245:52470 117.18.237.29:80 ESTABLISHED 20559/keepassxc-pro
tcp 0 392 192.168.42.245:34738 209.216.230.240:443 ESTABLISHED 20225/keepassxc-pro
tcp 1 0 192.168.42.245:49194 172.67.146.206:443 CLOSE_WAIT 20225/keepassxc-pro
tcp 1 0 192.168.42.245:53060 104.20.214.50:443 CLOSE_WAIT 20225/keepassxc-pro
tcp 1 0 192.168.42.245:60362 172.67.153.104:443 CLOSE_WAIT 20225/keepassxc-pro
tcp 25 0 192.168.42.245:39074 151.101.113.137:443 CLOSE_WAIT 20225/keepassxc-pro
tcp 7890 0 192.168.42.245:34738 209.216.230.240:443 CLOSE_WAIT 20225/keepassxc-pro
simple ip2location domain :
104.20.214.50 .... CloudFlare Inc.
117.18.237.29 .... edgecast.com
151.101.113.137 .. fastly.com
172.67.146.206 ... CloudFlare Inc.
172.67.153.104 ... CloudFlare Inc.
209.216.230.240 .. M5 Computer Security
I tried several times, had to lock password-DB out of fear.
This bug/issue is not addressed by Firefox, claim KeePassXC team on their issue-tracker-logs.
I'm in a limbo, is Firefox breaching user privacy without their knowledge; what data is being transferred to remote servers by keepassxc-proxy?
Should I abandon Firefox; isn't it the most secure (or configurable) browser out there?
Should I change passwords of hundreds of accounts now?
I'm using AutoTyping where ever it's possible & often wished they had auto-type separately for Username & Password; you know for pages like firefox or google account logins.
cheers
In my case
Firefox 83
KeePassXC-Browser 1.7.3
Ubuntu 20.04 LTS
`keepassxc-proxy` makes tcp connections to remote servers over internet & transfers data(with 36+ KB/s speed) without user permission under Linux root privileges.
tcp 0 0 192.168.42.245:52470 117.18.237.29:80 ESTABLISHED 20559/keepassxc-pro
tcp 0 392 192.168.42.245:34738 209.216.230.240:443 ESTABLISHED 20225/keepassxc-pro
tcp 1 0 192.168.42.245:49194 172.67.146.206:443 CLOSE_WAIT 20225/keepassxc-pro
tcp 1 0 192.168.42.245:53060 104.20.214.50:443 CLOSE_WAIT 20225/keepassxc-pro
tcp 1 0 192.168.42.245:60362 172.67.153.104:443 CLOSE_WAIT 20225/keepassxc-pro
tcp 25 0 192.168.42.245:39074 151.101.113.137:443 CLOSE_WAIT 20225/keepassxc-pro
tcp 7890 0 192.168.42.245:34738 209.216.230.240:443 CLOSE_WAIT 20225/keepassxc-pro
simple ip2location domain :
104.20.214.50 .... CloudFlare Inc.
117.18.237.29 .... edgecast.com
151.101.113.137 .. fastly.com
172.67.146.206 ... CloudFlare Inc.
172.67.153.104 ... CloudFlare Inc.
209.216.230.240 .. M5 Computer Security
I tried several times, had to lock password-DB out of fear.
This bug/issue is not addressed by Firefox, claim KeePassXC team on their issue-tracker-logs.
I'm in a limbo, is Firefox breaching user privacy without their knowledge; what data is being transferred to remote servers by keepassxc-proxy?
Should I abandon Firefox; isn't it the most secure (or configurable) browser out there?
Should I change passwords of hundreds of accounts now?
I'm using AutoTyping where ever it's possible & often wished they had auto-type separately for Username & Password; you know for pages like firefox or google account logins.
cheers
შემმუშავებლის პასუხი
თარიღი 6 წლის წინThis is not the first time the issues rises its head from the depths.
Here's the KeePassXC-Browser issue: https://github.com/keepassxreboot/keepassxc-browser/issues/100
And here's the Mozilla one: https://bugzilla.mozilla.org/show_bug.cgi?id=1463873
Again: this is a Firefox bug. If you look the connections keepassxc-proxy makes with Chromium-based browsers, you'll see none.
And to clarify: keepassxc-proxy does not make any connections. These are file descriptors that are leaking from the parent process (Firefox).
Here's the KeePassXC-Browser issue: https://github.com/keepassxreboot/keepassxc-browser/issues/100
And here's the Mozilla one: https://bugzilla.mozilla.org/show_bug.cgi?id=1463873
Again: this is a Firefox bug. If you look the connections keepassxc-proxy makes with Chromium-based browsers, you'll see none.
And to clarify: keepassxc-proxy does not make any connections. These are file descriptors that are leaking from the parent process (Firefox).
750 მიმოხილვა
- 5 შეფასება 5-დანმიმომხილველი evtldocha, 5 დღის წინThanks for this extension!
One remark: though firefox now honors XDG config settings in $HOME/.config/mozilla/firefox (on Linux) the extension creates a $HOME/.mozilla/native-messaging-hosts. I'd like so see all config for an application on one single place only. - 5 შეფასება 5-დანმიმომხილველი Firefox-ის მომხმარებელი 12539057, 7 დღის წინ
- 4 შეფასება 5-დანმიმომხილველი RD, 10 დღის წინThe add-on doesn't work in the Flatpak browser. Otherwise, I like KeePassXC :)
შემმუშავებლის პასუხი
თარიღი 10 დღის წინActually there's already pull requests made for a websocket connection mode in both extension and KeePassXC. It works with Flatpak browsers. So it's coming :) - 5 შეფასება 5-დანმიმომხილველი Matthieu, 16 დღის წინ
- 1 შეფასება 5-დანმიმომხილველი Abdiel, 17 დღის წინIt only has offline support. On Linux the configuration is a mess. Sometimes It doesn't talk with my desktop app. Remote support should also be added, so 1 star. I also noticed this while using it: not everything is handled within the browser. When the master password is requested, It switches to the KeepassXC desktop window which makes the experience less convenient. MasterPassword could instead be entered through a small pop-up inside the browser. This is what I would have preferred.
შემმუშავებლის პასუხი
თარიღი 16 დღის წინThe whole idea of the extension is that it talks to the desktop app. It has no direct connection to your database, and it will never ask your master password. - 5 შეფასება 5-დანმიმომხილველი toorootoot, 17 დღის წინ
- 5 შეფასება 5-დანმიმომხილველი Mark Andrew Gerads, თვის წინ
- 5 შეფასება 5-დანმიმომხილველი Firefox-ის მომხმარებელი 19902880, თვის წინ
- 5 შეფასება 5-დანმიმომხილველი Firefox-ის მომხმარებელი 19882925, 2 თვის წინ
- 5 შეფასება 5-დანმიმომხილველი Firefox-ის მომხმარებელი 18863959, 2 თვის წინ
- 1 შეფასება 5-დანმიმომხილველი Firefox-ის მომხმარებელი 14868755, 2 თვის წინNot able to add connected database. Nothing happens when clicking the Connect Database button. Bazzite 43 (linux) NVIDIA edition, Firefox 149, KeePassXC 2.7.12
- 4 შეფასება 5-დანმიმომხილველი Saturnus, 2 თვის წინ
- 4 შეფასება 5-დანმიმომხილველი Fokeu, 3 თვის წინ
- 5 შეფასება 5-დანმიმომხილველი Firefox-ის მომხმარებელი 13156335, 3 თვის წინWorks fine on my Windows 10 Firefox, and in Firefox on my CachyOS Linux install.
- 5 შეფასება 5-დანმიმომხილველი Cangrejo, 4 თვის წინBest password manager ever.
I know this depends of Keepassxc development, but it would be nice if card info can be stored. - 5 შეფასება 5-დანმიმომხილველი elsenfox, 4 თვის წინ
- 2 შეფასება 5-დანმიმომხილველი Firefox-ის მომხმარებელი 19733088, 4 თვის წინEigentlich gut, aber umständlich, funktioniert bei vielen Websites einfach mal gar nicht, das Felderkennungs-Tool zum Zuweisen ebenfalls nicht und kostet daher viel Zeit und Nerven in der Benutzung. Daher kann ich ebenso schnell und gut aus KeepassXC kopieren und einfügen und brauche mich nicht mit diesem AddOn herumschlagen; leider!
- 1 შეფასება 5-დანმიმომხილველი John Hills, 4 თვის წინThe addon randomly shows errors like "KeePassXC-Browser has encountered an error: Key exchange was not successful" which means absolutely nothing to the user and does not help solve the problem in any way. It is the same as showing a message "Error: There has been an error. You're unlucky, too bad for you."
შემმუშავებლის პასუხი
თარიღი 4 თვის წინGitHub already has an issue about this. In short, there's no way to get details from the API why the key exchange / connection fails. I suggest you take a look at the most common error threads and our Troubleshooting Guide at GitHub. - 5 შეფასება 5-დანმიმომხილველი Lani, 5 თვის წინIt seems that the path for native-messaging-hosts is hardcoded.
I want to move the file located at [~/.mozilla/native-messaging-hosts/org.keepassxc.keepassxc_browser.json] to [xdg-directory :: ~/.config/mozilla], but it fails.
help me? - 1 შეფასება 5-დანმიმომხილველი Ethan, 5 თვის წინit doesn't work when the password is on another page after the email. it always puts the wrong password from another account without even asking which account. developers, add a dropdown to ask the user from which account to take the password, don't just put any random password from any random account in the database. changing any setting didn't fix this.
შემმუშავებლის პასუხი
თარიღი 5 თვის წინFirst of all, this shouldn't happen. There's already a dropdown selector when filling usernames or password from multiple accounts. Selector from the popup works as well. There are some settings that try to fill the password automatically for the selected username. Disabling those should help. If not, please file an issue to GitHub, thanks. - 5 შეფასება 5-დანმიმომხილველი A1, 5 თვის წინ
- 5 შეფასება 5-დანმიმომხილველი ProgramminCat, 5 თვის წინ