Move sensitive information out of the main .config file

Question

Move sensitive information out of the main .config file

Closed this issue 3 months ago · 1 comments

Context

I add certain .config files to my public config repo so I don't have to re-configure apps after installing them on a new system. It also allows other people to see how I've configured my system. I would like to add keepassxc.ini to my public config repo, but I can't do that currently because the file contains sensitive information.

Summary

On my system, keepassxc writes configuration data to ~/.config/keepassxc/keepassxc.ini
An excerpt of the file:

...
[KeeShare]
Active="<?xml version=\"1.0\"?><KeeShare><Active/></KeeShare>\n"
Own="<?xml version=\"1.0\"?><KeeShare><PrivateKey>
[actual data omitted]

[Security]
ClearClipboardTimeout=30
ClearSearch=true
ClearSearchTimeout=6
LockDatabaseIdle=true
LockDatabaseIdleSeconds=300
...

Would it be possible to make a separate config file for all the information that shouldn't be shared with other people or synced across multiple machines?

Examples

The main file keepassxc.ini contains typical non-sensitive config items

[Security]
ClearClipboardTimeout=30
ClearSearch=true
ClearSearchTimeout=6
LockDatabaseIdle=true
LockDatabaseIdleSeconds=300

And create a new config file like keepassxc-private.ini that contains private keys

[KeeShare]
Active="<?xml version=\"1.0\"?><KeeShare><Active/></KeeShare>\n"
Own="<?xml version=\"1.0\"?><KeeShare><PrivateKey>
...

Answer 1 · 2024-08-18T18:13:16.000Z

The keeshare information is meaningless and isn't used for anything security related. It is being deleted for 2.8.0.