
Creating a Cloud Hosted Password Vault with Passbolt

Setting Up a Cloud-Hosted Password Vault with Passbolt

In our digital age, maintaining security and privacy is no small feat. For those of us who wear the cybersecurity hat, we’re always in search of the next best tool or method to keep our digital assets safe. Most recently, I ventured into the realm of cloud-hosted password management using Passbolt Community Edition. Let’s take a look at this exciting project!

1. Tools of the Trade

To get this project underway, a handful of tools were essential:

  • AWS (Amazon Web Services): A reliable platform to host our services.
  • VirtualBox: I used a Linux VM for smooth sailing.
  • Namecheap: Where our domain resides.
  • Passbolt: An open-source password manager that’s at the heart of this project. Available in the AWS Marketplace.

2. Setting Up on AWS

Starting on AWS, here’s a step-by-step guide:

  1. Selection: On the AWS Marketplace, I opted for the Passbolt Community Edition AMI. Remember, always choose a region close to you to ensure optimal performance.
  2. Pricing & Subscription: After configuring your desired settings, select “Continue to Subscribe”.
  3. Configuration: Here, you’ll want to maintain the default settings. A significant point is setting up the “Security Group Settings”. Instead of using a predefined group, create a new one based on seller settings. Don’t forget to name it!
  4. Key Pair Creation: Before launching, create an EC2 key pair. This step is vital for secure access to your instance later on.
  5. Launch: With everything set, launch your EC2 instance. Once it’s up and running, make a note of the public IPv4 address – this will be essential for configuring Passbolt.

3. SSL Configuration

A vital note for anyone venturing into this territory: Always ensure SSL is set up. Sending passwords in plain text is a major no-no!

  1. Domain Setup: Head over to Namecheap and set up an A Record for your domain: Advanced DNS > New Record. The type should be A Record, with the host as ‘@’, and the value being your EC2 instance’s IP address.
  2. Nginx Configuration: SSH into your server as admin. Then, open the Nginx configuration file for Passbolt with sudo nano /etc/nginx/sites-enabled/nginx-passbolt.conf. Update the server_name line with your domain name.
  3. SSL Setup: Kick off the SSL setup with sudo dpkg-reconfigure passbolt-ce-server. While setting up, opt out of creating a Passbolt database on the local MySQL, but say ‘Yes’ to configuring the nginx server. Input your domain name and email for the setup.
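
A post-setup check for the three steps above, written for this page as an added example (it is not from the original post or from Passbolt's own tooling). The domain vault.example.com, the IP 203.0.113.10 and the function names are placeholders, the sample config is constructed, and the two network checks assume dig and curl are installed.

```shell
#!/bin/sh
# Added example: verify the DNS, Nginx and certificate steps before storing secrets.

# check_server_name CONF DOMAIN
# Succeeds only if CONF has at least one active server_name directive and
# every name on it equals DOMAIN (commented-out lines are ignored).
check_server_name() {
    awk -v want="$2" '
        { sub(/#.*/, "") }                       # strip comments, re-splits fields
        $1 == "server_name" {
            seen = 1
            for (i = 2; i <= NF; i++) {
                name = $i; sub(/;$/, "", name)
                if (name != "" && name != want) {
                    bad = 1
                    print "unexpected server_name: " name > "/dev/stderr"
                }
            }
        }
        END { if (!seen || bad) exit 1 }
    ' "$1"
}

# check_a_record DOMAIN IP
# The A record must resolve to the instance's public IPv4 address.
check_a_record() {
    dig +short A "$1" | grep -Fxq "$2"
}

# check_tls DOMAIN
# curl validates the chain and hostname by default, so a self-signed or
# mismatched certificate makes this fail instead of being clicked through.
check_tls() {
    curl --silent --show-error --output /dev/null "https://$1/"
}

# Offline demonstration on a constructed config (not Passbolt's shipped file).
sample=$(mktemp)
printf 'server {\n  listen 80;\n  # server_name old.example;\n  server_name vault.example.com;\n}\n' > "$sample"
check_server_name "$sample" vault.example.com && echo "server_name OK"
rm -f "$sample"

# On the real host, with your own values:
#   check_server_name /etc/nginx/sites-enabled/nginx-passbolt.conf vault.example.com
#   check_a_record vault.example.com 203.0.113.10 && check_tls vault.example.com
```

If check_tls fails after the SSL setup, the browser warning would be reporting a real certificate problem, so resolve it before creating the first Passbolt account.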

4. Wrapping Up

After all the configurations, head back to the EC2 console for Passbolt. When accessing it, you might encounter a “connection not secure” warning – bypass it for now.

Reflection

The journey of setting up a self-managed, cloud-hosted password vault was both enlightening and rewarding. Passbolt Community Edition served as a robust platform, offering the ideal balance between security and user-friendliness.

For anyone eyeing a secure password management solution that rests under their control, this is a worthwhile venture. Stay secure and keep experimenting!