Maximum performance at minimal cost. Start your server in seconds now!
    Vijona

    Deploying Passbolt on Linux Distributions

    Passbolt is an open-source password manager designed for secure storage and management of passwords and sensitive data through end-to-end encryption. Operating mainly as a browser extension for Chrome and Firefox, it performs all encryption and decryption tasks locally using OpenPGP to enhance security. It supports features such as login, password autofill, role-based access control, and team collaboration by sharing credentials within groups.

    This guide details the process of installing and configuring Passbolt on Ubuntu 24.04, Debian 12, Rocky Linux, and Alma Linux 9. It covers installation, setup, and using Passbolt to create and manage passwords.

    Prerequisites

    Before starting, ensure the following requirements are met:

    • Access to a Linux server running one of the following operating systems as a non-root sudo user:
      • Ubuntu 24.04
      • Debian 12
      • Rocky Linux 9
      • Alma Linux 9
    • Create a new domain A record pointing to your server’s public IP address, for example: passbolt.example.com.

    Install Passbolt

    Passbolt can be installed on multiple Linux distributions. The instructions below explain how to deploy it on Ubuntu 24.04, Debian 12, Rocky Linux 9, and Alma Linux 9.

    Ubuntu 24.04 and Debian 12 Installation

    Follow these steps to install Passbolt on an Ubuntu 24.04 or Debian 12 system.

    Download the Installation Script

    Copy Code 
    

    $ curl -LO https://download.passbolt.com/ce/installer/passbolt-repo-setup.ce.sh

    Download the Checksum File

    Copy Code 
    

    $ curl -LO https://github.com/passbolt/passbolt-dep-scripts/releases/latest/download/passbolt-ce-SHA512SUM.txt

    Verify Script Integrity

    Copy Code 
    

    $ sha512sum -c passbolt-ce-SHA512SUM.txt

    Expected output:

    passbolt-repo-setup.ce.sh: OK

    Run the Installation Script

    Copy Code 
    

    $ sudo bash ./passbolt-repo-setup.ce.sh

    Configure the Firewall

    Copy Code 
    

    $ sudo ufw allow 80,443/tcp

    Install Passbolt Package

    Copy Code 
    

    $ sudo apt install passbolt-ce-server

    This command installs the community edition of Passbolt and prompts for database configuration.

    Database and Web Server Configuration

    Passbolt uses MySQL to store encrypted password entries and user information. Follow the prompts to:

    • Create a new database (select Yes).
    • Set the database administrator username to root.
    • Enter and confirm the administrator password.
    • Create a new database username for Passbolt and set its password.
    • Specify the database name.

    Next, configure the Nginx web server for Passbolt:

    • Select Yes to configure Nginx.
    • Choose Auto as the SSL certificate option to automatically generate and configure a self-signed SSL certificate using Certbot.
    • Enter your domain name.
    • Provide the email address for Let’s Encrypt notifications.

    After completing these steps, the Passbolt installation on Ubuntu or Debian is finished.

    Rocky Linux 9 and Alma Linux 9 Installation

    Follow these steps to set up Passbolt on a Rocky Linux 9 or Alma Linux 9 server.

    Download the Installation Script

    Copy Code 
    

    $ curl -LO https://download.passbolt.com/ce/installer/passbolt-repo-setup.ce.sh

    Download the Checksum File

    Copy Code 
    

    $ curl -LO https://github.com/passbolt/passbolt-dep-scripts/releases/latest/download/passbolt-ce-SHA512SUM.txt

    Verify Script Integrity

    Copy Code 
    

    $ sha512sum -c passbolt-ce-SHA512SUM.txt

    Expected output:

    passbolt-repo-setup.ce.sh: OK

    Run the Installation Script

    Copy Code 
    

    $ sudo bash ./passbolt-repo-setup.ce.sh

    Install Passbolt Package

    Copy Code 
    

    $ sudo dnf install passbolt-ce-server

    This installs the Passbolt community edition on Rocky Linux or Alma Linux.

    Interactive Configuration

    Copy Code 
    

    $ sudo /usr/local/bin/passbolt-configure

    This command sets up dependencies, firewall, database, Nginx web server, and generates a TLS certificate for the Passbolt portal.

    Database Setup

    When prompted, choose option 1 to install a local MariaDB server:

    ==============================================================
Do you want to install a local mariadb server on this machine?
==============================================================
1) yes
2) no
#? 1

    Enter and confirm a password for the MariaDB root user:

    =======================================================
Please enter a new password for the root database user:
=======================================================
MariaDB Root Password:
MariaDB Root Password (verify):

    Specify a username for the Passbolt database user, for example:

    Passbolt database user name: passboltuser

    Set and confirm the password for the database user:

    MariaDB passbolt user password:
MariaDB passbolt user password (verify):

    Provide a name for the Passbolt database:

    Passbolt database name: passboltdb

    Enter your domain name:

    Hostname: passbolt.example.com

    Choose option 2 for automatic SSL certificate generation:

    ================================================================================
1) manual
2) auto
3) none
#? 2

    This allows Passbolt to automatically install a Let’s Encrypt SSL certificate and enable HTTPS.

    Finally, provide an email address for Let’s Encrypt registration:

    Enter a email address to register with Let's Encrypt:

    After completing these steps, Passbolt installation is complete on Rocky Linux or Alma Linux.

    Configure Passbolt

    Passbolt needs a browser-based configuration to finalize its setup. While the server-side installation prepares the core application, the web-based configuration sets up the database, generates the OpenPGP key, creates the administrator account, assigns a passphrase, and installs the Passbolt browser extension. In this section, you will complete the configuration through the web portal.

    Open a web browser and go to your domain, for example, https://passbolt.example.com. The Passbolt setup screen appears. Click Get Started.

    Click Start configuration.

    Provide the database connection details. In the database connection URL field, type localhost. Enter the username, password, and database name you set during installation, and click Next.

    Configure the server key by entering your server name and email address. Keep the key type as RSA DSA and the key length at 3072. Click Next.

    In the full base URL field, enter your domain name, for example, https://passbolt.example.com. Select Yes in the Force SSL field and click Next.

    Enter SMTP server details to receive email notifications. Provide your name in the Sender name field and your email address in the Sender email. Specify your SMTP host, such as smtp.gmail.com, and click Next.

    To create the Passbolt administrator account, fill in the administrator’s first name, last name, and username. Click Next.

    You will then be redirected to a page to set the passphrase for your Passbolt account.

    Enter a strong passphrase and click Next. Be sure to note this passphrase, as you need it to log in, access stored passwords, and perform sensitive operations.

    After this step, a password recovery kit containing a private GPG key for your account will be downloaded to your device.

    Check the box labeled I safely stored my recovery kit to confirm the download, and click Next.

    Select a color from the available options and click Next. Make a note of the security token and background color. These appear whenever you are prompted for your passphrase, ensuring the form originates from Passbolt and helping prevent phishing attacks.

    Click the Download extension button to download the Passbolt browser extension.

    Once the extension is installed, a new page opens. Click Next to proceed to the Passbolt dashboard.

    Access and Use Passbolt

    This section explains how to create and manage passwords in Passbolt and how to use the autofill feature.

    Go to your Passbolt dashboard. To create a new entry, click Create.

    Select Folder to create a new folder.

    Enter a name for the folder, for example, Sample, and click Save.

    In the dashboard, open the created folder and click Create to add a resource within the folder.

    Select Password.

    Provide the name of the password, the site’s URI, the username, and the password itself. Click Create.

    When prompted, enter your passphrase to complete the password creation process and click OK.

    You can now view, copy, and edit the password from the dashboard.

    The Passbolt browser extension enables password autofill. To use this feature, open a new browser tab and enter the URL linked to the saved password, for example, centron.de. The page should display the Passbolt icon in the input field. Click it to reveal the saved password and other options.

    Click the created password, for example Password1, to autofill the credentials.

    Enter your passphrase when prompted. Your login details will be automatically filled in, and you can proceed to log in.

    Conclusion

    You have installed, configured, and used Passbolt to create and manage passwords. You can now securely store and handle your passwords and other sensitive information. For further details on using Passbolt, visit the official Passbolt documentation.

    Source: vultr.com

    Create a Free Account

    Register now and get access to our Cloud Services.

    Try now

    Posts you might be interested in: