Home

Awesome

KeePassRDP

Latest version Download KeePassRDP.zip Download KeePassRDP.exe Downloads latest Downloads total License

Overview

KeePassRDP is a plugin for KeePass 2.x which adds various options to connect to the URL of an entry via RDP.

Installation

  1. <sub>Download KeePassRDP.zip</sub> or <sub>Download KeePassRDP.exe</sub> of the latest <sub>Latest version</sub>.
  2. Run the self-extracting exe, or unzip and copy the KeePassRDP.plgx file to your KeePass plugins folder (e.g. %ProgramFiles%\KeePass Password Safe 2\Plugins).
  3. Start KeePass and enjoy using KeePassRDP.

Usage

To connect to target computers via RDP select one or more entries containing the IP-address(es) or hostname(s), right-click and select KeePassRDP > Open RDP connection (or simply press <kbd>CTRL</kbd> + <kbd>M</kbd>). A selection dialog will be shown when multiple credentials are found.

Context menu

To use one of the other connection options select the corresponding item from the context menu, or press the configurable keyboard shortcut.

Features

Languages

<sub>English</sub> English | <sub>German</sub> German

See how to translate.

<br>

Documentation

Trigger group / folder

How we use the KeePassRDP on a daily basis (I work for an MSP where we use KeePass to securely store credentials for accessing customer domains and computers):

Given a KeePass database that could be structured like this:

DB structure

Where each group contains entries specific to the customer.

If there is only a single jumphost or something similiar, we usually place an entry like the following directly into the customer group:

Jumphost example

When a customer has many hosts and/or requires multiple accounts, we create a subgroup called RDP inside the customer group:

RDP subgroup example

<small>The name of the trigger group can be configured from within the KeePassRDP options form (since v2.0).</small>

It might contain entries like these:

RDP subgroup example entries

Credentials are looked up from the customer/parent group in that case (by default they can also be in different subgroups within the customer group):

Customer example entries

<small>Ignoring entries can be toggled via the KeePassRDP context menu (since v1.9.0) or from the toolbar (since v2.0).</small>

<div id="selection-dialog"></div>

To connect to one of the targets in the RDP group (using credentials) select the entry, press <kbd>CTRL</kbd> + <kbd>M</kbd> and KeePassRDP will show a dialog with filtered account entries (matching the titles by a configurable regular expression, e.g. domain-admin, local user, ...).

Credential selection dialog

Finally you just have to choose the credential you want to use and click "GO" (or press <kbd>Enter</kbd>).

<br> <div id="individual-entry-settings"></div>

<small>Individual entry settings can be set from the KeePassRDP tab on the edit entry form (since v2.0).</small>

Entry settings

<div id="advanced-settings"></div>

<small>Advanced settings can be configured through .rdp files (since v2.1).</small>

Advanced settings

Keyboard shortcuts

Fully configurable from within the KeePassRDP options form.

Keyboard shortcuts

Context menu / toolbar items

Visibility of items is configurable from within the KeePassRDP options form.

Visibility settings

Credential picker

Customizable from within the KeePassRDP options form.

Credential picker settings

<div id="credential-picker-regex"></div>

Credential picker regex

Automatization helpers

Can be activated from within the KeePassRDP options form.

Executable settings

How it works

The plugin basically calls the default mstsc.exe with the /v:<address> (and optionally other) parameter(s) to connect.

Opening a connection with credentials will save the selected credential(s) into the Windows credential manager ("vault") for access by the mstsc.exe process.

The credential(s) will then be removed depending on how KeePassRDP is configured.

When using .rdp files a temporary file is created and removed after the mstsc.exe process exits.

Credential lifetime

Configurable from within the KeePassRDP options form.

Credential settings

Translate

You can use Resources.de.resx as a starting point.

  1. Copy and rename the file according to the language you are translating into (e.g. KeePassRDP.es-ES.resx for spanish).
  2. Translate as much as wanted.
  3. Create a binary resource file from the ResX template by entering the following into a VS Developer Command Prompt:
resgen.exe KeePassRDP.es-ES.resx
  1. Copy the generated KeePassRDP.es-ES.resources file to %AppData%\KeePass.
  2. Please share your progress with the KeePassRDP community :heart:.

<small>:bulb: This also allows overwriting of all (translatable) built-in strings.</small>

Silent extraction

The following example will extract the .plgx file and overwrite it in the target folder:

KeePassRDP_v2.2.2.exe /Q:A /C /T:"%ProgramFiles%\KeePass Password Safe 2\Plugins"

<small>:bulb: Writing into %ProgramFiles% usually requires administrator privileges.</small>

Building instructions

Just clone the repository:

git clone https://github.com/iSnackyCracky/KeePassRDP.git

Open the solution file (KeePassRDP.sln) with Visual Studio and build the KeePassRDP project:

Build project

You should get a ready-to-use .plgx, .zip and .exe file like the ones from the releases.

<small>:bulb: Remember to place a copy of KeePass.exe in the KeePass folder.</small>

Third-party software

KeePassRDP makes use of the following third-party libraries: