{"id":3147,"date":"2023-01-06T10:04:09","date_gmt":"2023-01-06T15:04:09","guid":{"rendered":"https:\/\/dft.wiki\/?p=3147"},"modified":"2024-05-03T15:53:57","modified_gmt":"2024-05-03T19:53:57","slug":"deploying-a-self-hosted-open-source-password-manager-with-passbolt","status":"publish","type":"post","link":"https:\/\/dft.wiki\/?p=3147","title":{"rendered":"Deploying a Self-Hosted Open-Source Password Manager with Passbolt"},"content":{"rendered":"<p><strong>Passbolt<\/strong>\u00a0<strong>CE<\/strong> (Community Edition) is an enterprise grade open-source [<a href=\"https:\/\/github.com\/orgs\/passbolt\">Link<\/a>] multi-platform [<a href=\"https:\/\/help.passbolt.com\/hosting\/install\">Link<\/a>] password manager.<\/p>\n<p>It is a great alternative to <strong>BitWarden<\/strong> [<a href=\"https:\/\/github.com\/bitwarden\/server\">Link<\/a>], another open-source password manager, that is incredibly complicated to install from source-code. Or the unofficial Bitwarden server implementation written in Rust called <strong>VaultWarden<\/strong> that is fully compatible to all BitWarden&#8217;s mobile apps and browser extensions [<a href=\"https:\/\/github.com\/dani-garcia\/vaultwarden\">Link<\/a>].<\/p>\n<p>Recommendations<\/p>\n<ul>\n<li>Minimise its exposition to the internet to the bare minimal and only if needed,<\/li>\n<li>Prefer to allow access exclusively via local network or VPN,<\/li>\n<li>Always enable SSL\/TLS (HTTPS),<\/li>\n<li>Don&#8217;t forget to set up the SMTP server for password recovery.<\/li>\n<\/ul>\n<hr \/>\n<p><strong>DOCKER INSTALLATION SCRIPT<\/strong><\/p>\n<pre>sudo su\r\nwget \"https:\/\/download.passbolt.com\/ce\/docker\/docker-compose-ce.yaml\"\r\ndocker-compose -f docker-compose-ce.yaml up -d<\/pre>\n<p>Creating the first Admin user:<\/p>\n<pre>docker-compose -f docker-compose-ce.yaml exec passbolt su -m -c \"\/usr\/share\/php\/passbolt\/bin\/cake passbolt register_user -u <strong>username@example.com<\/strong> -f <strong>myFirstName<\/strong> -l <strong>myLastName<\/strong> -r <strong>admin<\/strong>\" -s \/bin\/sh www-data<\/pre>\n<p>It will generate a link that has to be copied to the browser to finalize the installation.<\/p>\n<hr \/>\n<p><strong>INSTALLATION SCRIPT FOR<\/strong><\/p>\n<p>UBUNTU \/ DEBIAN \/ RPI<\/p>\n<pre>wget \"https:\/\/download.passbolt.com\/ce\/installer\/passbolt-repo-setup.ce.sh\"\r\nsudo bash .\/passbolt-repo-setup.ce.sh\r\nsudo apt update &amp;&amp; sudo apt upgrade -y\r\nsudo apt install passbolt-ce-server -y<\/pre>\n<p>ROCKY \/ ALMA \/ ORACLE \/ FEDORA<\/p>\n<pre>wget \"https:\/\/download.passbolt.com\/ce\/installer\/passbolt-repo-setup.ce.sh\"\r\nsudo\u00a0bash\u00a0.\/passbolt-repo-setup.ce.sh\r\nsudo dnf install passbolt-ce-server\r\nsudo \/usr\/local\/bin\/passbolt-configure<\/pre>\n<p>DOCKER<\/p>\n<pre>wget \"https:\/\/download.passbolt.com\/ce\/docker\/docker-compose-ce.yaml\"\r\ndocker-compose -f docker-compose-ce.yaml up -d<\/pre>\n<hr \/>\n<p><strong>CLI INSTALLATION STEPS<\/strong><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-3188\" src=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-07-31.png\" alt=\"\" width=\"573\" height=\"282\" srcset=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-07-31.png 573w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-07-31-300x148.png 300w\" sizes=\"auto, (max-width: 573px) 100vw, 573px\" \/><\/p>\n<p>Provide the default master credentials to the newly deployed MySQL server. Username <code>root<\/code> and password is &#8220;empty&#8221;.<\/p>\n<p>Accept or customise the suggested username that Passbolt will use and provide (twice) a very long and complex password to it:<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-3189\" src=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-08-42.png\" alt=\"\" width=\"668\" height=\"236\" srcset=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-08-42.png 668w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-08-42-300x106.png 300w\" sizes=\"auto, (max-width: 668px) 100vw, 668px\" \/><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-3190\" src=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-09-22.png\" alt=\"\" width=\"533\" height=\"236\" srcset=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-09-22.png 533w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-09-22-300x133.png 300w\" sizes=\"auto, (max-width: 533px) 100vw, 533px\" \/><\/p>\n<p>Accept or customise the name of the database (important in the case you have multiple instances of the app using the same DB):<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-3191\" src=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-10-01.png\" alt=\"\" width=\"604\" height=\"236\" srcset=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-10-01.png 604w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-10-01-300x117.png 300w\" sizes=\"auto, (max-width: 604px) 100vw, 604px\" \/><\/p>\n<p>Passbolt does not faces the Internet or local network directly, it is shielded behind a web server such as Apache or NGINX that is capable of terminating TLS (HTTPS) communication and proxy internally the unencrypted request to Passbolt.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-3192\" src=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-10-19.png\" alt=\"\" width=\"593\" height=\"284\" srcset=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-10-19.png 593w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-10-19-300x144.png 300w\" sizes=\"auto, (max-width: 593px) 100vw, 593px\" \/><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-3193\" src=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-11-13.png\" alt=\"\" width=\"878\" height=\"389\" srcset=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-11-13.png 878w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-11-13-300x133.png 300w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-11-13-768x340.png 768w\" sizes=\"auto, (max-width: 878px) 100vw, 878px\" \/><\/p>\n<p><strong>Note:<\/strong> it does require a real public domain for automatically accept the challenge from the Certificate Authority Let&#8217;s Encrypt. It is free and HIGHLY RECOMMENDED.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-3194\" src=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-12-08.png\" alt=\"\" width=\"943\" height=\"268\" srcset=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-12-08.png 943w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-12-08-300x85.png 300w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-12-08-768x218.png 768w\" sizes=\"auto, (max-width: 943px) 100vw, 943px\" \/><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-3195\" src=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-12-40.png\" alt=\"\" width=\"718\" height=\"300\" srcset=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-12-40.png 718w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-12-40-300x125.png 300w\" sizes=\"auto, (max-width: 718px) 100vw, 718px\" \/><\/p>\n<p>The installation suggests restarting few services. It is not required but does not hurt restarting all.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-3196\" src=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-14-03.png\" alt=\"\" width=\"465\" height=\"267\" srcset=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-14-03.png 465w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-14-03-300x172.png 300w\" sizes=\"auto, (max-width: 465px) 100vw, 465px\" \/><\/p>\n<p>You might see the successful installation banner with the address to continue the installation on the browser:<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-3197\" src=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-17-27.png\" alt=\"\" width=\"750\" height=\"325\" srcset=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-17-27.png 750w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-17-27-300x130.png 300w\" sizes=\"auto, (max-width: 750px) 100vw, 750px\" \/><\/p>\n<hr \/>\n<p><strong>WEB INSTALLATION STEPS<\/strong><\/p>\n<p>Navigate to the domain that points to your Passbolt server and note it is an encrypted communication (HTTPS).<\/p>\n<p>Follow the installation steps:<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-3198\" src=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-15-35.png\" alt=\"\" width=\"692\" height=\"475\" srcset=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-15-35.png 692w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-15-35-300x206.png 300w\" sizes=\"auto, (max-width: 692px) 100vw, 692px\" \/><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-3199\" src=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-15-51.png\" alt=\"\" width=\"692\" height=\"785\" srcset=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-15-51.png 692w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-15-51-264x300.png 264w\" sizes=\"auto, (max-width: 692px) 100vw, 692px\" \/><\/p>\n<p>Enter database connection information you created using the installation over the terminal:<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-3200\" src=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-20-31.png\" alt=\"\" width=\"692\" height=\"885\" srcset=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-20-31.png 692w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-20-31-235x300.png 235w\" sizes=\"auto, (max-width: 692px) 100vw, 692px\" \/><\/p>\n<p>Give a name to the server and inform the contact of its administrator:<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-3201\" src=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-21-13.png\" alt=\"\" width=\"692\" height=\"885\" srcset=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-21-13.png 692w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-21-13-235x300.png 235w\" sizes=\"auto, (max-width: 692px) 100vw, 692px\" \/><\/p>\n<p>This is a crucial step that cannot be neglect. Passbolt requires an SMTP server to be able to send invitation to the user accounts, even to the admin account (without setting it up properly you will be locked out the server).<\/p>\n<p><strong>Important:<\/strong> only use a free SMTP server if you REALLY TRUST because, if malicious, it can offer a serious threat to your server and its holding data.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-3202\" src=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-22-54.png\" alt=\"\" width=\"692\" height=\"981\" srcset=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-22-54.png 692w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-22-54-212x300.png 212w\" sizes=\"auto, (max-width: 692px) 100vw, 692px\" \/><\/p>\n<p>As you can see, the master admin account requires an email to be sent to complete the creation and set its password:<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-3203\" src=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-23-28.png\" alt=\"\" width=\"692\" height=\"662\" srcset=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-23-28.png 692w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-23-28-300x287.png 300w\" sizes=\"auto, (max-width: 692px) 100vw, 692px\" \/><\/p>\n<p>Good job! You can now install the browser extension to make the best usage of your new password manager features.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-3205\" src=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-23-59.png\" alt=\"\" width=\"692\" height=\"557\" srcset=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-23-59.png 692w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-23-59-300x241.png 300w\" sizes=\"auto, (max-width: 692px) 100vw, 692px\" \/><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-3207\" src=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-24-54.png\" alt=\"\" width=\"974\" height=\"695\" srcset=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-24-54.png 974w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-24-54-300x214.png 300w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-24-54-768x548.png 768w\" sizes=\"auto, (max-width: 974px) 100vw, 974px\" \/><\/p>\n<p>Do not forget to check the link sent in the activation email.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-3208\" src=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-25-08.png\" alt=\"\" width=\"974\" height=\"755\" srcset=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-25-08.png 974w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-25-08-300x233.png 300w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2023-01-06-09-25-08-768x595.png 768w\" sizes=\"auto, (max-width: 974px) 100vw, 974px\" \/><\/p>\n<hr \/>\n<p><strong>CONFIGURING SSL\/TLS (HTTPS) MANUALLY \/ ADVANCED MODE<\/strong><\/p>\n<p>Passbolt it self does not support SSL\/TLS, it is provided by creating a layer in front of the application using a web-server, such as Apache, NGINX, Varnish, etc.<\/p>\n<p>Pro tips:<\/p>\n<ul>\n<li>Free option:\n<ul>\n<li>Used Let&#8217;s Encrypt for free 90 days auto-renew certificates,<\/li>\n<li>Requires being directly exposed to the public Internet for validating domain ownership via HTTP challenge send from LE periodically.\n<ul>\n<li>It is recommended to create multiple virtual-hosts to serve different pages depending on the client&#8217;s origin:\n<ul>\n<li>If the client is aching from the LAN or VPN, serve the Passbolt via reverse-proxy,<\/li>\n<li>Otherwise, provide a blank page or a redirect.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<li>Paid option:\n<ul>\n<li>Purchase a public certificate from any vendor and for the amount of time desired (1, 2, 5 years&#8230;),<\/li>\n<li>The server can be completely protected from the public internet because the ownership of the domain can be validates via DNS, E-Mail, etc.<\/li>\n<li>It does not auto-renew the certificate. It is a manual process that will be required prior to the certificate expiration.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<hr \/>\n<p><strong>BONUS<\/strong><\/p>\n<p>Maybe <strong>VaultWarden<\/strong> deserves its own blog post but because of its simplicity to install it certainly deserve be mentioned a bit more.<\/p>\n<ul>\n<li>Why and how VaultWarden makes it self relevant in the self hosted open source password manager?\n<ul>\n<li>It offers 100% of the features that 99% of the people use daily (reduced complexity and over engineered code),<\/li>\n<li>It is lightweight code, written in Rust, and demands much less resources,<\/li>\n<li>There is no visual difference when using VaultWarden vs BitWarden because it shares the same mobile apps, browser extensions, and web user interface,<\/li>\n<li>Because it not as mature as bigger brother (BitWarden), I would recommend to make it available in private network (on-prem, VPC, or via VPN).<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>Installation<\/p>\n<pre>sudo apt install argon2 -y\r\nsudo mkdir -p \/vaultwarden-data\/\r\nsudo chmod o-rwx \/vaultwarden-data\/\r\nTOKEN=`echo -n \"<strong>ChangeSecretPassword<\/strong>\" | argon2 \"$(openssl rand -base64 32)\" -e -id -k 65540 -t 3 -p 4`\r\nhistory -d -2\r\nsudo docker run -d --name vaultwarden -v \/vaultwarden-data\/:\/data --restart unless-stopped -p 127.0.0.1:80:80 -e ADMIN_TOKEN=\"<strong>$TOKEN\"<\/strong> vaultwarden\/server:latest\r\nTOKEN=''<\/pre>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-4248\" src=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2024-05-03-15-31-01.png\" alt=\"\" width=\"1427\" height=\"94\" srcset=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2024-05-03-15-31-01.png 1427w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2024-05-03-15-31-01-300x20.png 300w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2024-05-03-15-31-01-1024x67.png 1024w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2024-05-03-15-31-01-768x51.png 768w\" sizes=\"auto, (max-width: 1427px) 100vw, 1427px\" \/><\/p>\n<p><strong>Note:<\/strong> for the Admin account, it will create a hash from a string (password), remove that line from the bash history right after, and later overwrite the token variable. Also observe that it will only bind on localhost on port 80. It is extremely recommended (almost required) to use a reverse proxy to make it available outside localhost with HTTPS.<\/p>\n<p>Navigate to <a href=\"http:\/\/localhost\">http:\/\/localhost<\/a>. At this point any visitor is allowed to create an account (not suitable to be directly exposed to the Internet) but it can be configured in the Admin dashboard who and what domains will be allowed to create an account.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-4249\" src=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2024-05-03-15-35-47.png\" alt=\"\" width=\"1055\" height=\"789\" srcset=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2024-05-03-15-35-47.png 1055w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2024-05-03-15-35-47-300x224.png 300w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2024-05-03-15-35-47-1024x766.png 1024w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2024-05-03-15-35-47-768x574.png 768w\" sizes=\"auto, (max-width: 1055px) 100vw, 1055px\" \/><\/p>\n<p>Navigate to the <strong>Admin Dashboard<\/strong> on <a href=\"http:\/\/localhost\/admin\">http:\/\/localhost\/admin<\/a>.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-4250\" src=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2024-05-03-15-39-30.png\" alt=\"\" width=\"1055\" height=\"396\" srcset=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2024-05-03-15-39-30.png 1055w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2024-05-03-15-39-30-300x113.png 300w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2024-05-03-15-39-30-1024x384.png 1024w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2024-05-03-15-39-30-768x288.png 768w\" sizes=\"auto, (max-width: 1055px) 100vw, 1055px\" \/><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-4251\" src=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2024-05-03-15-46-15.png\" alt=\"\" width=\"1055\" height=\"897\" srcset=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2024-05-03-15-46-15.png 1055w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2024-05-03-15-46-15-300x255.png 300w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2024-05-03-15-46-15-1024x871.png 1024w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2024-05-03-15-46-15-768x653.png 768w\" sizes=\"auto, (max-width: 1055px) 100vw, 1055px\" \/><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-4252\" src=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2024-05-03-15-46-41.png\" alt=\"\" width=\"1055\" height=\"897\" srcset=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2024-05-03-15-46-41.png 1055w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2024-05-03-15-46-41-300x255.png 300w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2024-05-03-15-46-41-1024x871.png 1024w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2023\/01\/Screenshot-from-2024-05-03-15-46-41-768x653.png 768w\" sizes=\"auto, (max-width: 1055px) 100vw, 1055px\" \/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Passbolt\u00a0CE (Community Edition) is an enterprise grade open-source [Link] multi-platform [Link] password manager. It is [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3,4,6,7],"tags":[],"class_list":["post-3147","post","type-post","status-publish","format-standard","hentry","category-general","category-linux","category-raspberry-pi","category-web"],"_links":{"self":[{"href":"https:\/\/dft.wiki\/index.php?rest_route=\/wp\/v2\/posts\/3147","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dft.wiki\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dft.wiki\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dft.wiki\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dft.wiki\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3147"}],"version-history":[{"count":7,"href":"https:\/\/dft.wiki\/index.php?rest_route=\/wp\/v2\/posts\/3147\/revisions"}],"predecessor-version":[{"id":4253,"href":"https:\/\/dft.wiki\/index.php?rest_route=\/wp\/v2\/posts\/3147\/revisions\/4253"}],"wp:attachment":[{"href":"https:\/\/dft.wiki\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3147"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dft.wiki\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3147"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dft.wiki\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3147"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}