OPEN SOURCE TOOLS

How to Setup Teampass Password Manager on Ubuntu 16.04

Posted on : January 30, 2017 , Last Updated on : January 29, 2017 By in UBUNTU HOWTO
| 1 Reply More

Teampass is a dedicated password manager for storing/accessing passwords securely in MySQL database. It is especially designed for business and enterprise environment and provides team manager a powerful tool for customizing passwords access depending on users role. This article covers how to setup Teampass on Ubuntu 16.04 with Apache and Mysql.

Requirements:

Apache, MySQL, PHP 5.5.0 or higher
PHP extensions: mcrypt,  openssl,  ldap (if used),  mbstring,  bcmath,  iconv,  xml,  gd,  openssl, mysqlnd

1) Install Apache/MySQL

Apache2 is available as an Ubuntu package, install it using following command. The document root of the apache default vhost is /var/www/html and the main configuration file is /etc/apache2/apache2.conf.

root@demohost:~# sudo apt-get install apache2

Similarly, install mysql server with the following apt-get command. While installing mysql you will be asked for root password. Provide a strong password.

root@demohost:~# sudo apt-get install mysql-server

Optionally, you can go for secure mysql installation. You need to answer few questions for secure installation.

root@demohost:~# sudo mysql_secure_installation

2) Install PHP

Install php7 and apache2 module like below.

root@demohost:~# sudo apt-get install php libapache2-mod-php

Now install all the php extensions required by teampass

root@demohost:~# sudo apt-get install php-mcrypt php-mysql php-opcache php-mbstring php-ldap php-bcmath php-gd php-xml php-common php-mysqlnd

Check the version of php

root@demohost:~# php -v
PHP 7.0.13-0ubuntu0.16.04.1 (cli) ( NTS )
Copyright (c) 1997-2016 The PHP Group
Zend Engine v3.0.0, Copyright (c) 1998-2016 Zend Technologies
with Zend OPcache v7.0.13-0ubuntu0.16.04.1, Copyright (c) 1999-2016, by Zend Technologies

3) Create MySQL database

Create a MySQL database and a user for team-pass.

root@demohost:~# mysql -u root -p
Enter password:

mysql> create database teampass;
Query OK, 1 row affected (0.00 sec)

mysql> grant all privileges on teampass.* to teampassuser@localhost identified by 'somepassword';
Query OK, 0 rows affected, 1 warning (0.00 sec)

mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)

mysql> quit
Bye

4) Configure Apache for teampass

Download team-pass from github and unzip it in the website root folder /var/www/html.

root@demohost:~# cd /var/www/html
root@demohost:/var/www/html# wget -q https://github.com/nilsteampassnet/TeamPass/archive/master.zip
root@demohost:/var/www/html# unzip master.zip

Change the ownership of team-pass to www-data

root@demohost:/var/www/html# mv TeamPass-master/ teampassuser
root@demohost:/var/www/html# chown -R www-data:www-data teampass/

Change maximum execution time of PHP to 120

root@demohost:/var/www/html# vim /etc/php/7.0/apache2/php.ini
max_execution_time = 120

Restart Apache

root@demohost:/var/www/html# service apache2 restart

Create Team-pass keys directory inside /var/www/html/teampass and change permission and ownership.

root@demohost:/var/www/html# mkdir -p /var/www/html/teampass/keys
root@demohost:/var/www/html# chmod 755 /var/www/html/teampass/keys
root@demohost:/var/www/html# chown -R www-data:www-data /var/www/html/teampass/keys

5) Install Teampass

Open your favorite browser and type http://IP-ADDRESS/teampass or http://domain-name/teampass in the address bar. You will be welcome by installation suggestions.

Teampass welcome page

Click "Next"

Teampass Server Check

Click "Launch". If any error is found during server check, correct it and then click "Restart". Once all requirements/server check are passed successfully click "Next".

Teampass database information

Provide MySQL database information that we have created in step 3 and click "Launch". The installer will validate the database information. On successful validation you will get the message "Connection is successful".

Teampass database connection successful

Give a table prefix, generate encryption keys, give the path of teampass keys that we have created earlier. You also need to provide a admin password and then click the check-box "Send monthly anonymous statistics" (optional). Now click "Launch".

Teampass setup

Click "Launch" to proceed to next step.

Teampass information stored

Once database information is stored click "Next"

Teampass table creation

Click "Next" for finalizing installation.

Teampass installation finalization

Click "Next"

Teampass cleanup

The teampass installation is finished, click "Start"

Teampass installation complete

Login to teampass using admin account with your chosen password.

Teampass login

The main page describes about the components being used in teampass and other information's.

Teampass Dashboard

Now click "Settings" and adjust values according to your environment. Change maintenance mode to no and change timezone and date format.

Teampass settings

Click "Folders management" icon from top and then click "+"  sign. Now create a folder according to your requirements and then click “Save”. Similarly create few folders.

Teampass folder management

Now Click "Roles management" icon from the top and then click "+" sign to create few roles.

Teampass roles management

In roles management for the folder "HR"" click the "hand"" icon and give the read access and then click "Save".

Teampass folder access management

View all the folders/sub-folders and their attributes by clicking the folders management icon from the top.

Teampass folder dashboard

Click roles management from the top menu bar, choose the folder for which you want to define access rights and save.

Teampass assign roles to folders

Click "+" icon from users management to add a user, enter users details and save.

Teampass create users

To edit the users account click the arrow key.

Teampass allow folder permissions

To change users password, click "Key" symbol from users management. Provide new password and save.

Teampass change password user

Click utilities tab (last one), make API access enabled and create a new key. Now add allowed IP address to access API.

Teampass api key

Enable Google 2FA and DUO security 2FA to "Yes". Generate random key and save.

Teampass 2FA

In the e-mail tab, provide SMTP server address and rest of the information according to yours.

Teampass mail server

You can change settings for database backup and restore as well as optional backup script.

Teampass backup configuration

In LDAP section, Choose the server type and other information if you intend to use LDAP.

Teampass LDAP configuration

We have covered almost all the aspects of team-pass including installation . You can now explore the rest of the utilities .

Conclusions:

We have installed it and explored most of the functionalities. Browse here to read full documentation of teampass. Hope you have enjoyed this tutorial and thanks for reading this article.

You might also like

Filed Under : OPEN SOURCE TOOLS, UBUNTU HOWTO

Tagged With : ,

Free Linux Ebook to Download

Previous Article
Next Article

Comments (1)

Trackback URL | Comments RSS Feed

  1. Aleksei says:
    March 2, 2017 at 11:16 am

    Thanks a lot!

    I think, here is mistake:
    Change the ownership of team-pass to www-data
    root@demohost:/var/www/html# mv TeamPass-master/ teampassuser

    should be teampass instead of teampassuser

    Reply

Leave a Reply

All comments are subject to moderation.