3

Lastpass is out. Aside from all the ongoing issues with vaults being decrypted, I just canceled my paid subscription only to discover the free account is basically useless for anyone who actually uses technology (they limit you to either computers or mobile devices).

I've successfully gotten a Vaultwarden instance running and it works great. But I have a few concerns:

  • Right now the vault is hosted on my LAN, and I use a VPN to connect to my LAN from my mobile devices as needed to access other internal private services. The problem I see here is that if my LAN goes down for some reason, I might not have access to my passwords...
  • I thought about hosting the vault on one of my cloud VPS's. However I don't feel as secure having the instance "flapping in the breeze" ready as a target for the first exploit that's found in the server. I strongly prefer the idea of it only being accessible via some sort of VPN.
  • So, I thought I can just run a VPN on the VPS itself like I do with my home LAN right now, but then I realized my second concern is that if something were ever to happen to me, even temporarily (say I end up hospitalized), my VPS will just shut off as soon as payment isn't received on time and all the other family members who might need to use the instance (e.g. to access my passwords) will be out of luck.
  • The problem with requiring a VPN to get to the VPS or to my LAN is that I can't use the "give someone else access if I become incapacitated" options. I doubt my mom will ever remember how to activate the VPN and get into the vault, for example. (Not to mention I'd like to be able to offer family accounts on the instance as well, but I still am not sure how I feel about a Vaultwarden instance just sitting there on an open HTTP server.)

For those who self-host Vaultwarden (or even the official Bitwarden server), how do you do it securely and reliably? I know there isn't much to be done about the "it goes down if I don't pay" option other than setup autopay and hope it'll be able to withdraw from your account in your absence, but what about security in general? It really smells bad to run a known password-storing server out on the public Internet for easy scanning and infiltration, plus it just makes your host a prime target...

you are viewing a single comment's thread
view the rest of the comments
[-] CYCLONOUS_69@alien.top 1 points 1 year ago

I have successfully hosted Bitwarden on my unused laptop and no one was willing to buy it (typical Indian mentality). I run my laptop 24x7 with other applications and softwares on it while keeping it plugged to the wall.

I have configured CloudFlare tunnel to Bitwarden so I can access it outside of my local network without any issues. You just have to get a domain. I have configured my firewall on the server and the router to prevent unautorized access or DDoS. I have deployed Bitwarden using Docker-Compose according to official method which just works fine without any issues.

I did look into Vaultwarden but I always prefer to stick with offical docker images.

this post was submitted on 30 Oct 2023
3 points (100.0% liked)

Self-Hosted Main

504 readers
1 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

For Example

We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Also include hints and tips for less technical readers.

Useful Lists

founded 1 year ago
MODERATORS