# KeePass2 KPScript Installation on Linux

I recently wrote about extending the functionality of the KeePass2 password manager to allow the creation of CSV files from KeePass2 password database files. KeePass2 has a wide variety of functionality built in, and has a straightforward GUI.

GUI = Graphical User Interface
It also comes with an extension, called kpscript, that adds a robust CLI.
CLI = Command-Line Interface
Installing KPScript in Linux was confusing to me, so I’m posting quick instructions here, hoping that they might be useful to someone coming to this site from a search engine in the future.

These instructions are derived from a working PKGBUILD for Arch Linux by Jonathan Liu in the Arch User Repository (AUR). I’ve expanded them to work for other Linux distributions, as well; I tested the instructions in openSUSE 13.1, but they should work anywhere. They might even work in Mac OSX.

# Initial information-gathering

1. Having installed KeePass through your distro. repository, run which keepass in a terminal to see where the keepass program file is stored on your system. In openSUSE 13.1, the location is /usr/bin/keepass.
2. If you use that location and run cat with it (e.g., cat /usr/bin/keepass), you’ll likely see that, rather than being a binary file, usr/bin/keepass is actually a shell script with one line:
exec mono /usr/lib/keepass/KeePass.exe "$@"  (“$@” here represents all of the arguments that the user types in after the keepass command [e.g., keepass --help])

What we’re looking for here is the location of KeePass.exe — here, /usr/lib/keepass/KeePass.exe. In some distros, this will be in usr/share/keepass/KeePass.exe, instead.

If that method doesn’t work on your system, you can launch KeePass2, open a terminal, and run ps ax | grep keepass, which will search all running processes on your system and give you output similar to what’s above (e.g., mono /usr/lib/keepass/KeePass.exe).

The kpscript documentation states that “the KPScript.exe file needs to be copied into the directory where KeePass is installed (where the KeePass.exe file is).”

# Now that you have the location of KeePass.exe, you can install kpscript

2. “Install” KPScript.exe using the following commands (assuming that the directory of note above was /usr/lib/keepass):
sudo install -D -m644 KPScript.exe "/usr/lib/keepass/KPScript.exe"
echo '/usr/bin/mono /usr/lib/keepass/KPScript.exe "$@"' > /tmp/kpscript sudo install -D -m755 /tmp/kpscript "/usr/bin/kpscript"  You should now be able to run kpscript from any new terminal. You can launch kpscript commands and have them ask for your KeePass2 password / key using the KeePass GUI password prompt using kpscript /path/to/KeePass2_file.kdbx -guikeyprompt -c:ListGroups (-c: gives kpscript a command to run — here, after entering your password, kpscript would list all password groups in your .kdbx file. If you are planning to run kpscript over a server, where you won’t have access to a GUI prompt, you are expected to enter your password in plain text as part of your kpscript invocation (e.g., with kpscript /path/to/KeePass2_file.kdbx -guikeyprompt -c:ListGroups -pw:"your_password_goes_here"). If you are uncomfortable with that, here is a bash script that prompts for the password in a more secure way (i.e., without showing it as you type it in): #/bin/bash read -s -p "If your database has a password, enter it here (it will be passed to kpscript with the '-pw' flag). Otherwise, just press [Enter]: " user_password if [ ! -z "$user_password" ]; # If the user entered anything (if $user_password is NOT zero-length (i.e., blank)): then kpscript -pw:$user_password "$@" else kpscript "$@"