Password Manager Daemon is a server that provides a way for applications to
securely store and retrieve data at a centralized location. The data is stored
in an XML file and clients connect and send commands to manipulate the data.

I needed this because I use a few applications that require the same
credentials but hate having to update all those configuration files to reflect
any changes. The data file can be edited once with a pwmd client and patched
applications can retrieve the updated info. It has evolved to be useful for
more than only authentication details:

    * Multi-threaded. More than one client may access the data at the same
      time.
    * Optionally uses the GnuPG Agent for key caching and smartcard support.
    * Remote network connections over GnuTLS or SSH via a proxy.
    * Configuration file which supports file specific settings including:
      cache expiration and encryption key or key file and more.
    * Logging to file and/or syslog.
    * Secure memory usage. Pwmd will zero out memory before freeing it and
      also has the option to lock the entire process in RAM to avoid swapping
      the data to virtual memory.
    * Multiuser: socket and per-element local user and TLS access control.
    * Much more...


Requirements:
-------------
    C99 compiler - http://www.gnu.org/software/gcc
    		   Has been tested to work. Others should work fine, too.

    libassuan    - ftp://ftp.gnupg.org/gcrypt/libassuan
		   Protocol. Version 2.0.2 or later is required. Version
		   2.1.0 or later is highly recommended for UDS peer
		   credential checking on OS's other than Linux.

    libgpg-error - http://www.gnupg.org
	           Error handling. Required.

    gpg-agent    - http://www.gnupg.org
    		   Keypair generation, decryption and caching. Version 2.1.0
		   or later is required when pwmd's --use-agent command line
		   option is specified. Optional.

    pinentry     - http://www.gnupg.org
    		   Required for passphrase retrieval from either gpg-agent or
		   pwmd itself.

    libxml2      - http://xmlsoft.org
                   Required for XML parsing and data manipulation.

    libgcrypt    - http://www.gnupg.org
                   Encryption and hashing. Version 1.5.0 or later is required.

    libz         - http://www.zlib.net
                   For data file conversion. Version 1.2.2.1 or later is
                   required.

    libgnutls    - http://www.gnu.org/software/gnutls/
    		   For encrypted connections over a TCP network. Version
		   3.3.0 or later. Optional.


Building and installation:
-------------
If your building from the git repository, you will need to generate the
configure script. If your building from a release tarball then you can skip
this step:

./autogen.sh

After that you can see which features are available by doing:

./configure --help | less

Then do the following to configure and build then install pwmd:

./configure [--any-features --you-want] && make install


Running pwmd:
-------------
Please read the pwmd.info texinfo manual for protocol commands, syntax and
configuration details. A HTML version is also available in doc/pwmd.html.

Typing 'pwmd' will start the server and wait for connections to
~/.pwmd/socket. Be sure gpg-agent is running (see manual) when --use-agent is
specfied on the pwmd command line (--enable-agent must have been passed to
configure at compile-time to enable gpg-agent support). Passing
--allow-preset-passphrase to gpg-agent is recommended and gpg-agent option
--allow-loopback-pinentry is required if using a keyfile or connecting over
TLS.


Connecting:
-----------
Any program that can connect to a UNIX domain socket will work although using
pwmc, a client included with libpwmd, is recommended:

    echo command | pwmc filename

or interactively:
    pwmc filename

or:
    socat UNIX-CONNECT:$HOME/.pwmd/socket -

A more user-friendly full featured client QPwmc is also available. It has a Qt
GUI and is much easier to use. See http://qpwmc.sourceforge.net/ for details.


GIT Repository
--------------
There is a public git repository available at repo.or.cz. Anonymous checkouts
can be done by doing:

    git clone git://repo.or.cz/pwmd.git

The gitweb interface can be viewed at http://repo.or.cz/w/pwmd.git.


Bug reporting
-------------
Please use the ticketing system at
http://sourceforge.net/p/pwmd/tickets/


Mailing lists
-------------
Please send questions or feature requests to
https://lists.sourceforge.net/lists/listinfo/pwmd-users

Developers please use
https://lists.sourceforge.net/lists/listinfo/pwmd-devel


Ben Kibbey <bjk@luxsci.net>
XMPP: bjk@jabber.org
http://pwmd.sourceforge.net/
