How To Install sysPass Password Manager on Debian 11

Install sysPass Password Manager on Debian 11

In this tutorial, we will show you how to install sysPass Password Manager on Debian 11. For those of you who didn’t know, sysPass is a free PHP web-based password management cross-platform with a web app, mobile app and a browser extension. sysPass provides a simple and user-friendly web interface to generate and manage all passwords. It is written in PHP, providing password management securely and collaboratively.

This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of sysPass Password Manager on a Debian 11 (Bullseye).

Install sysPass Password Manager on Debian 11 Bullseye

Step 1. Before we install any software, it’s important to make sure your system is up to date by running the following apt commands in the terminal:

sudo apt update
sudo apt upgrade

Step 2. Installing the LAMP stack.

A Debian 11 LAMP server is required. If you do not have LAMP installed, Please read our previous tutorial to install LAMP Server on Debian 11.

Step 3. Installing sysPass Password Manager on Debian 11.

Now we download the latest version of sysPass from the Git repository:

git clone https://github.com/nuxsmin/sysPass.git
mv sysPass /var/www/html/syspass

We will need to change some folder permissions:

chown -R www-data:www-data /var/www/html/syspass
chmod 750 /var/www/html/syspass/app/{config,backup}

Step 4. Installing Composer.

Now we create a Composer installation script:

nano /var/www/html/syspass/install-composer.sh

Add the following lines:

#!/bin/sh
 EXPECTED_SIGNATURE="$(wget -q -O - https://composer.github.io/installer.sig)"
 php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
 ACTUAL_SIGNATURE="$(php -r "echo hash_file('sha384', 'composer-setup.php');")"
 if [ "$EXPECTED_SIGNATURE" != "$ACTUAL_SIGNATURE" ]
 then
     >&2 echo 'ERROR: Invalid installer signature'
     rm composer-setup.php
     exit 1
 fi
 php composer-setup.php --quiet
 RESULT=$?
 rm composer-setup.php
 exit $RESULT

Save and close the file then run the Composer installation script:

cd /var/www/html/syspass/
sh install-composer.sh
php composer.phar install --no-dev

Step 5. Configuring MariaDB.

By default, MariaDB is not hardened. You can secure MariaDB using the mysql_secure_installation script. You should read and below each step carefully which will set the root password, remove anonymous users, disallow remote root login, and remove the test database and access to secure MariaDB:

mysql_secure_installation

Configure it like this:

- Set root password? [Y/n] y
- Remove anonymous users? [Y/n] y
- Disallow root login remotely? [Y/n] y
- Remove test database and access to it? [Y/n] y
- Reload privilege tables now? [Y/n] y

Next, we will need to log in to the MariaDB console and create a database for sysPass. Run the following command:

mysql -u root -p

This will prompt you for a password, so enter your MariaDB root password and hit Enter. Once you are logged in to your database server, you need to create a database for sysPass installation:

MariaDB [(none)]> CREATE DATABASE syspassdb;
MariaDB [(none)]> CREATE USER 'syspass_user'@'localhost' IDENTIFIED BY 'your-strong-password';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON syspassdb.* to [email protected]'localhost';
MariaDB [(none)]> FLUSH PRIVILEGES;
MariaDB [(none)]> exit

Step 6. Configuring Apache.

Now we create a new VirtualHost to better manage the sysPass:

nano /etc/apache2/sites-available/syspass.conf

Add the following file:

<VirtualHost *:80>
     ServerAdmin [email protected]_domain.com
      DocumentRoot /var/www/html/syspass
     ServerName your-domain.com

     <Directory /var/www/html/syspass/>
          Options FollowSymlinks
          AllowOverride All
          Require all granted
     </Directory>

     ErrorLog ${APACHE_LOG_DIR}/your-domain.com_error.log
     CustomLog ${APACHE_LOG_DIR}/your-domain.com_access.log combined

</VirtualHost>

Save and close, then restart the Apache webserver so that the changes take place:

sudo a2ensite syspass
sudo a2enmod rewrite
sudo systemctl restart apache2

Step 7. Accessing sysPass Password Manager Web Interface.

Once successfully installed, open your web browser and access the sysPass web interface using the URL http://syspass.your-domain.com. You will be redirected to the following page:

Install sysPass Password Manager on Debian 11 Bullseye

Congratulations! You have successfully installed sysPass. Thanks for using this tutorial for installing the latest version of sysPass Password Manager on Debian 11 Bullseye. For additional help or useful information, we recommend you check the official sysPass  website.

VPS Manage Service Offer
If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!