Password Manager Daemon is a server that provides a way for applications to
securely store and retrieve data at a centralized location. The data is stored
in an XML file and clients connect and send commands to manipulate the data.

I needed this because I use a few applications that require the same
credentials but hate having to update all those configuration files to reflect
any changes. The data file can be edited once with a pwmd client and patched
applications can retrieve the updated info.

Some of the features include:

    * Multi-threaded. More than one client may access the data at the same
      time.
    * Optionally uses the GnuPG Agent for key caching and smartcard support.
    * Remote network connections via libpwmd over GnuTLS or SSH via a proxy.
    * Configuration file which supports file specific settings including:
      cache expiration and encryption key or key file and more.
    * Logging to file and/or syslog.
    * Secure memory usage. PWMD will zero out memory before freeing it and
      also has the option to lock the entire process in RAM to avoid swapping
      the data to virtual memory.
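
The secure-memory behaviour in the last item, sketched as an added example
(not pwmd's own code). The sec_* helper names are hypothetical and the
passphrase string is a constructed sample; mlockall() is the POSIX call.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>

/* Size header kept in front of each block; the union keeps the payload aligned. */
typedef union { size_t len; long double ld; void *ptr; } sec_hdr;

/* Zero through a volatile pointer so the stores cannot be dropped as dead writes. */
static void sec_wipe(void *p, size_t len)
{
    volatile unsigned char *v = p;
    while (len--) *v++ = 0;
}

static void *sec_alloc(size_t len)
{
    sec_hdr *h = len > SIZE_MAX - sizeof(sec_hdr) ? NULL : malloc(sizeof(sec_hdr) + len);
    if (!h)
        return NULL;
    h->len = len;       /* remembered so sec_free() knows how much to wipe */
    return h + 1;
}
static size_t sec_size(const void *p) { return ((const sec_hdr *)p - 1)->len; }

/* Wipe header and payload, then hand the block back to the allocator. */
static void sec_free(void *p)
{
    if (!p) return;
    sec_hdr *h = (sec_hdr *)p - 1;
    sec_wipe(h, sizeof(sec_hdr) + h->len);
    free(h);
}

/* Pin current and future pages in RAM; returns 0 or the errno from mlockall(). */
static int sec_lock_process(void) { return mlockall(MCL_CURRENT | MCL_FUTURE) ? errno : 0; }

int main(void)
{
    int rc = sec_lock_process();   /* often fails when RLIMIT_MEMLOCK is low */
    if (rc)
        fprintf(stderr, "mlockall: %s, continuing unlocked\n", strerror(rc));
    char *secret = sec_alloc(32);
    if (!secret) return 1;
    strcpy(secret, "constructed-sample-passphrase");
    sec_free(secret);              /* contents are zeroed before free() */
    return 0;
}
```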


Requirements:
-------------
    C99 compiler - http://www.gnu.org/software/gcc
                   Has been tested to work. Others should work fine, too.

    libassuan    - ftp://ftp.gnupg.org/gcrypt/libassuan
                   Protocol. Version 2.0.2 or later is required. Version
                   2.1.0 or later is recommended for UDS peer credential
                   checking on OSes other than Linux.

    libgpg-error - http://www.gnupg.org
                   Error handling. Required.

    gpg-agent    - http://www.gnupg.org
                   Keypair generation, decryption and caching. Version 2.1.0
                   or later is required when --use-agent is specified.
                   Optional.

    pinentry     - http://www.gnupg.org
                   Required for passphrase retrieval from either gpg-agent or
                   pwmd itself.

    libxml2      - http://xmlsoft.org
                   Required for XML parsing and data manipulation.

    libgcrypt    - http://www.gnupg.org
                   Encryption and hashing. Version 1.5.0 or later is required.

    libz         - http://www.zlib.net
                   For data file conversion. Version 1.2.2.1 or later is
                   required.

    libgnutls    - http://www.gnu.org/software/gnutls/
                   For encrypted connections over a TCP network. Optional.

    libacl       - ftp://acl.bestbits.at
                   To retain an ACL for a data file. Optional.


Installation:
-------------
./configure && make install

Typing 'pwmd' will start the server and wait for connections to
~/.pwmd/socket. Be sure gpg-agent is running (see manual) when
--use-agent is specified on the pwmd command line (--enable-agent must
be passed to configure at compile-time to enable gpg-agent
support). Passing --allow-preset-passphrase to gpg-agent is
recommended, and the gpg-agent option --allow-loopback-pinentry is
required if using a keyfile or connecting over TLS.


Connecting:
-----------
Any program that can connect to a UNIX domain socket will work, although using
pwmc, a client included with libpwmd, is recommended:

    echo command | pwmc filename
or interactively
    pwmc filename
or
    socat UNIX-CONNECT:$HOME/.pwmd/socket -

A more user-friendly client QPwmc is also available. It has a Qt GUI and is
much easier to use. See http://qpwmc.sourceforge.net/ for details.

Please read the pwmd.info manual for protocol commands, syntax and
configuration details. An HTML version is also available in doc/pwmd.html.


GIT Repository
--------------
There is a public GIT repository available at repo.or.cz. Anonymous checkouts
can be done by:

    git clone git://repo.or.cz/pwmd.git

The gitweb interface can be viewed at http://repo.or.cz/w/pwmd.git.


Mailing lists
-------------
Please send bug reports, questions or feature requests to
https://lists.sourceforge.net/lists/listinfo/pwmd-users

The same for libpwmd may be sent to
https://lists.sourceforge.net/lists/listinfo/libpwmd-users


Ben Kibbey <bjk@luxsci.net>
XMPP: bjk@jabber.org
http://pwmd.sourceforge.net/
