Keydrop is an instant Heroku application for receiving passwords safely.
It provides:
- Encryption
- Validation
- Sending: https://*.herokuapp.com/...
- Saving: htpasswd apr1 or RSA public key
- Receiving: PostgreSQL SSL connection
By default, the password must have:
- More than 10 characters
- At least 1 numeric character (0 - 9)
- At least 1 capital character (A - Z)
- At least 1 symbol character (#$%@&*!...)
If you want to change the conditions, please clone the source code from the Heroku git repository and edit it.
- Create a Heroku account.
- Install the Heroku command line app.
- Install PostgreSQL to connect to the Heroku database. You only need the client.
  - e.g.) $ brew install postgresql
- Install OpenSSL if you want to use the public key encryption type.
Click the following button.
And you will see the configuration screen.
Leave empty. The automatically generated random name is preferable.
Input a random path name. You can set multiple paths. For example:
/K7FElrHrPmUnmBdw,/Mfj2Wl2YF6rFcMQ6
The form URL is like this.
https://${App name}.herokuapp.com${ACCEPT_PATH}
Other URLs will return 404.
The default value is htpasswd.
If you want to use a public key, set publickey.
You don't need to change this value if you use the htpasswd encryption type. The default value is an insecure sample key, so please don't use it for real purposes.
Use bin/genkey.sh to generate a key pair.
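#!/bin/bash
# Generate a passphrase-protected 2048-bit RSA private key,
# then export the matching public key.
DATE=$(date +"%Y%m%d%H%M%S")
openssl genrsa -aes256 -out "private-$DATE.pem" 2048
openssl rsa -pubout -in "private-$DATE.pem" -out "public-$DATE.pem"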
Use ./bin/dump.sh.
$ ./bin/dump.sh random-appname-12345
--> Connecting to postgresql-dbname-54321
1 2017-08-30 03:06:57+00 htpasswd /zoac5l7spoaY test-1 test-1:$apr1$4.Pz0U/W$TppMU9SjE/W0yg1FAPiMS/
2 2017-08-30 03:08:19+00 publickey /zoac5l7spoaY test-2 nJ97fbhHIkZAMISp/zXVETvitUl8Qlbi1pyOTtoF3ybI9EDrqenPFb4WMOISrTn8sW+Qu5xvNsjaMEIC3j0Md+hmtEzlLmVK+Nb9bq989I9TnmjgdtFE9klyKkhb5J7r+7SKqBgzfmu7kAoREYBtg05hvNb3mJXGbAruybElbZlxNgf06b5f6W/kkHtGcJaV49oNHKBEmg03ceMip2wP5H6tk/BS6O4FTrEKvpYsn4+Kh6+7JMioCVQEXz3NvpH0BIkmnGncXBZTdtPihju7srb0uEHe0sys66PPBZGZQWbisBdr9knJ5WTfnh2iWLOGv2NgOwfgXQZyMdizINALDw==
You can also decrypt publickey-encrypted entries using dump.sh.
$ ./bin/dump.sh random-appname-12345 ./keys/insecure-private.pem
--> Connecting to postgresql-dbname-54321
1 2017-08-30 03:06:57+00 htpasswd /zoac5l7spoaY test-1 test-1:$apr1$4.Pz0U/W$TppMU9SjE/W0yg1FAPiMS/
2 2017-08-30 03:08:19+00 publickey /zoac5l7spoaY test-2 testTEST1234!!!
Or use the heroku pg:psql command.
$ heroku pg:psql --app random-appname-12345
--> Connecting to postgresql-dbname-54321
psql (9.6.1, server 9.6.4)
SSL connection (protocol: TLSv1.2, cipher: ECDHE-RSA-AES256-GCM-SHA384, bits: 256, compression: off)
Type "help" for help.
random-appname-12345::DATABASE=> select * from keys;
id | type | path | username | key | created_at
----+-----------+---------------+----------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------
1 | htpasswd | /vEswu2ech4ta | test-1 | test-1:$apr1$4.Pz0U/W$TppMU9SjE/W0yg1FAPiMS/ | 2017-08-30 03:06:57+00
2 | publickey | /vEswu2ech4ta | test-2 | nJ97fbhHIkZAMISp/zXVETvitUl8Qlbi1pyOTtoF3ybI9EDrqenPFb4WMOISrTn8sW+Qu5xvNsjaMEIC3j0Md+hmtEzlLmVK+Nb9bq989I9TnmjgdtFE9klyKkhb5J7r+7SKqBgzfmu7kAoREYBtg05hvNb3mJXGbAruybElbZlxNgf06b5f6W/kkHtGcJaV49oNHKBEmg03ceMip2wP5H6tk/BS6O4FTrEKvpYsn4+Kh6+7JMioCVQEXz3NvpH0BIkmnGncXBZTdtPihju7srb0uEHe0sys66PPBZGZQWbisBdr9knJ5WTfnh2iWLOGv2NgOwfgXQZyMdizINALDw== | 2017-08-30 03:08:19+00
(2 rows)
If you want to decrypt the key manually, do this.
- Base64 decode (-D is the macOS flag; GNU base64 uses -d)
  $ base64 -D input_file > base64decoded_file
- Decrypt
  $ openssl rsautl -decrypt -inkey privatekey_file -in base64decoded_file
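The manual decode-and-decrypt steps above, as an added round-trip example that is not part of Keydrop's own code. It assumes the stored value is an RSA ciphertext with PKCS#1 v1.5 padding (the `rsautl` default) encoded as single-line base64; the function names are hypothetical, and `openssl pkeyutl` is used here as the non-deprecated equivalent of `rsautl`.

```shell
#!/bin/sh
# Added example: round trip for the "publickey" type using a throwaway key.
# Assumption: values are RSA-encrypted with PKCS#1 v1.5 padding and stored
# as single-line base64, as in the "key" column shown above.

# encrypt_like_keydrop PUBKEY PLAINTEXT -> single-line base64 on stdout
encrypt_like_keydrop() {
    printf '%s' "$2" |
        openssl pkeyutl -encrypt -pubin -inkey "$1" |
        openssl base64 -A
}

# decrypt_key_column PRIVKEY BASE64 -> plaintext on stdout
decrypt_key_column() {
    # -A matters: the stored value is one long line, and
    # "openssl base64 -d" without it can fail on such input.
    printf '%s\n' "$2" |
        openssl base64 -d -A |
        openssl pkeyutl -decrypt -inkey "$1"
}

# roundtrip PLAINTEXT -> decrypted plaintext, using a temporary key pair
roundtrip() {
    dir=$(mktemp -d) || return 1
    # Throwaway key without a passphrase so the demo runs unattended;
    # a real key should be passphrase-protected as in bin/genkey.sh.
    openssl genrsa -out "$dir/private.pem" 2048 2>/dev/null &&
    openssl rsa -pubout -in "$dir/private.pem" -out "$dir/public.pem" 2>/dev/null &&
    b64=$(encrypt_like_keydrop "$dir/public.pem" "$1") &&
    decrypt_key_column "$dir/private.pem" "$b64"
    status=$?
    rm -rf "$dir"   # remove the throwaway private key
    return $status
}

# Constructed sample value, not a real password.
roundtrip 'constructed-Sample#2024'; echo
```

To decrypt a real row, pass your private key file and the value of the `key` column to `decrypt_key_column`.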
I recommend destroying the Heroku app when you have finished receiving all the passwords.