In this tutorial, we will show you how to install sysPass Password Manager on Debian 11. For those of you who didn’t know, sysPass is a free PHP web-based password management cross-platform with a web app, mobile app, and browser extension. sysPass provides a simple and user-friendly web interface to generate and manage all passwords. It is written in PHP, providing password management securely and collaboratively.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of sysPass Password Manager on a Debian 11 (Bullseye).
Prerequisites
- A server running one of the following operating systems: Debian 11 (Bullseye).
- It’s recommended that you use a fresh OS install to prevent any potential issues.
- A
non-root sudo useror access to theroot user. We recommend acting as anon-root sudo user, however, as you can harm your system if you’re not careful when acting as the root.
Install sysPass Password Manager on Debian 11 Bullseye
Step 1. Before we install any software, it’s important to make sure your system is up to date by running the following apt commands in the terminal:
sudo apt update sudo apt upgrade
Step 2. Installing the LAMP stack.
A Debian 11 LAMP server is required. If you do not have LAMP installed, Please read our previous tutorial to install LAMP Server on Debian 11.
Step 3. Installing sysPass Password Manager on Debian 11.
Now we download the latest version of sysPass from the Git repository:
git clone https://github.com/nuxsmin/sysPass.git mv sysPass /var/www/html/syspass
We will need to change some folder permissions:
chown -R www-data:www-data /var/www/html/syspass
chmod 750 /var/www/html/syspass/app/{config,backup}
Step 4. Installing Composer.
Now we create a Composer installation script:
nano /var/www/html/syspass/install-composer.sh
Add the following lines:
#!/bin/sh
EXPECTED_SIGNATURE="$(wget -q -O - https://composer.github.io/installer.sig)"
php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
ACTUAL_SIGNATURE="$(php -r "echo hash_file('sha384', 'composer-setup.php');")"
if [ "$EXPECTED_SIGNATURE" != "$ACTUAL_SIGNATURE" ]
then
>&2 echo 'ERROR: Invalid installer signature'
rm composer-setup.php
exit 1
fi
php composer-setup.php --quiet
RESULT=$?
rm composer-setup.php
exit $RESULT
Save and close the file then run the Composer installation script:
cd /var/www/html/syspass/ sh install-composer.sh php composer.phar install --no-dev
Step 5. Configuring MariaDB.
By default, MariaDB is not hardened. You can secure MariaDB using the mysql_secure_installation script. You should read and below each step carefully which will set the root password, remove anonymous users, disallow remote root login, and remove the test database and access to secure MariaDB:
mysql_secure_installation
Configure it like this:
- Set root password? [Y/n] y - Remove anonymous users? [Y/n] y - Disallow root login remotely? [Y/n] y - Remove test database and access to it? [Y/n] y - Reload privilege tables now? [Y/n] y
Next, we will need to log in to the MariaDB console and create a database for sysPass. Run the following command:
mysql -u root -p
This will prompt you for a password, so enter your MariaDB root password and hit Enter. Once you are logged in to your database server, you need to create a database for sysPass installation:
MariaDB [(none)]> CREATE DATABASE syspassdb; MariaDB [(none)]> CREATE USER 'syspass_user'@'localhost' IDENTIFIED BY 'your-strong-password'; MariaDB [(none)]> GRANT ALL PRIVILEGES ON syspassdb.* to syspass_user@'localhost'; MariaDB [(none)]> FLUSH PRIVILEGES; MariaDB [(none)]> exit
Step 6. Configuring Apache.
Now we create a new VirtualHost to better manage the sysPass:
nano /etc/apache2/sites-available/syspass.conf
Add the following file:
<VirtualHost *:80>
ServerAdmin admin@your_domain.com
DocumentRoot /var/www/html/syspass
ServerName your-domain.com
<Directory /var/www/html/syspass/>
Options FollowSymlinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/your-domain.com_error.log
CustomLog ${APACHE_LOG_DIR}/your-domain.com_access.log combined
</VirtualHost>
Save and close, then restart the Apache webserver so that the changes take place:
sudo a2ensite syspass sudo a2enmod rewrite sudo systemctl restart apache2
Step 7. Accessing sysPass Password Manager Web Interface.
Once successfully installed, open your web browser and access the sysPass web interface using the URL http://syspass.your-domain.com. You will be redirected to the following page:
Congratulations! You have successfully installed sysPass. Thanks for using this tutorial for installing the latest version of sysPass Password Manager on Debian 11 Bullseye. For additional help or useful information, we recommend you check the official sysPass website.
