nextcloud / passman

šŸ” Open source password manager with Nextcloud integration
https://passman.cc
GNU Affero General Public License v3.0

vault loading times #263

Open budachst opened 7 years ago

budachst commented 7 years ago

I am wondering what regular loading times for password vaults are. On my system passman takes approx. 28s for loading a vault which holds 257 credentials.

Given the fact, that passman quite often seems to load in the complete vault, this makes interactive work with the passman app quite cumbersome.

Anyone wants to chime in?

brantje commented 7 years ago

Complete vault loading is needed for the search and tags. Otherwise it will search through a subset of credentials. I'm running passman with about 300 credentials; it takes about 5 seconds to decrypt everything. What hardware are you using?

budachst commented 7 years ago

I am running nextcloud and passman on a Rpi 2B, which will be one of the most used platforms for it, I guess. The database, however, is running on a HP N40L under S11. What would be the most containing part of the process, the decryption itself?

animalillo commented 7 years ago

Let me explain a little the steps taken while loading a vault.

  1. Credentials are loaded from the database
  2. Credentials are decrypted server side with a multi part key unique for every credential.
  3. Credentials are sent to the browser/client
  4. Credentials are decrypted with the vault key on the client side

The two slowest parts of this process are the server side encryption and the client side encryption.

In your case the slowest part is the server side decryption, probably, as an rpi is quite slow hardware.
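The four load steps listed above, as an added sketch that is not Passman's code: AES-256-GCM, the HMAC-derived per-credential server key and its parts (server secret, user id, credential id), and all function names are assumptions. It times the server and client passes separately and shows that what the server sends after removing its layer is still ciphertext under the vault key.

```javascript
const crypto = require('crypto');

// AES-256-GCM helpers (assumed cipher); blob layout is iv || tag || ciphertext.
function seal(key, plaintext) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, iv);
  const body = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), body]);
}
function unseal(key, blob) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  d.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]);
}
// Hypothetical multi-part key, unique per credential (parts are assumptions).
function serverKey(serverSecret, userId, credentialId) {
  return crypto.createHmac('sha256', serverSecret)
    .update(`${userId}:${credentialId}`).digest();
}
// Vault key derived on the client; iteration count is a constructed value.
function vaultKey(password, salt) {
  return crypto.pbkdf2Sync(password, salt, 10000, 32, 'sha256');
}
// Saving: the client encrypts with the vault key, the server wraps the result.
function storeCredential(db, id, userId, secretText, vKey, serverSecret) {
  const inner = seal(vKey, Buffer.from(secretText, 'utf8'));
  db.set(id, seal(serverKey(serverSecret, userId, id), inner));
}
// Steps 1-3: read every row, remove the server layer, return the payload.
function serverLoadVault(db, userId, serverSecret) {
  return [...db].map(([id, row]) =>
    ({ id, blob: unseal(serverKey(serverSecret, userId, id), row) }));
}
// Step 4: the client removes the vault-key layer.
function clientDecryptVault(payload, vKey) {
  return payload.map(({ id, blob }) =>
    ({ id, secret: unseal(vKey, blob).toString('utf8') }));
}
// Constructed vault of `count` credentials; times both decryption passes.
function demo(count) {
  const db = new Map(), serverSecret = crypto.randomBytes(32);
  const salt = crypto.randomBytes(16);
  const vKey = vaultKey('constructed vault password', salt);
  for (let i = 0; i < count; i++)
    storeCredential(db, i, 'alice', `password-${i}`, vKey, serverSecret);
  const t0 = process.hrtime.bigint();
  const payload = serverLoadVault(db, 'alice', serverSecret);
  const t1 = process.hrtime.bigint();
  const creds = clientDecryptVault(payload, vKey);
  const t2 = process.hrtime.bigint();
  return { payload, creds, salt,
    serverMs: Number(t1 - t0) / 1e6, clientMs: Number(t2 - t1) / 1e6 };
}
```

Both passes run once per credential, so load time grows with vault size on whichever side has the slower CPU.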

budachst commented 7 years ago

When I look at the RPi, when it's dealing with the vault, there's only one of the four cores doing work - could that be somehow leveraged? A threaded decryption maybe?

brantje commented 7 years ago

Are you using nginx (with php-fpm), or apache (which has php as submodule)?

budachst commented 7 years ago

I am running apache.

budachst commented 7 years ago

I can check this on another RPi3, which has a better CPU, but I guess that other than the ARM running at 1.2GHz, there will be no significant speed-up. And… the Nextcloudbox itself only sports a RPi2, as the OS has not yet been updated to run on a RPi3…

I'll give the RPI3 a spin this week.

animalillo commented 7 years ago

Keep us updated with your findings anyway, thanks!

budachst commented 7 years ago

So, I just ported my NC 11.0.2 to a RPi3, which I also tweaked with some overclocking. This brought the vault loading time down from 28s to 11s. Well, this is much better than 28s, of course.

animalillo commented 7 years ago

Awesome! It would be great if you shared your rpi config for others to be able to replicate it tho.

Right now we don't have the time to recreate the server side encryption in a better way. We have some ideas of how it could be improved for speed, but not the time required; both main developers are going to start new jobs today, so we will have little time in the near future.

Don't worry tho! We won't let passman aside!

budachst commented 7 years ago

Well, the actual rPi config is not a big deal. I guess anyone, who has looked into overclocking the pi finally comes to the same setup - well, more or less, of course. I ripped out a RPi3 which had been serving as a Plex client before and started by installing NOOBS/raspbian on it.

I then cycled through some updates and also fitted the system with php7, since I think NC 12 will need that. Then I performed some checking for stability on the rPi3 at various clock speeds for CPU and SDRAM.

I finally settled with these settings in /boot/config.txt

```
arm_freq=1100
over_voltage=6
```

So, best of luck for your new jobs! And I hope that you will find some time in the future to improve passman further - it is already a really cool piece of software and great addition to Nextcloud.

animalillo commented 7 years ago

Thanks! :D

brantje commented 7 years ago

If i came up with a method to prevent reloading the vault after each edit, would that lessen the issue?

budachst commented 7 years ago

This would be great. After I replaced my original Raspi with my Raspi3, the initial loading times have gone down to approx. 7s, which rather seldom annoy me, but I am editing the vault quite a lot, so getting rid of those 7s really would be a huge win.

brantje commented 7 years ago

I don't know how familiar you are with git. If you know how to switch branches and make backups then you're set to try my branch. In the fixLoadingSpeed branch i've added some local caching to the application. Feel free to try it out ^_^.

brantje commented 7 years ago

Above commit has been merged into master.

budachst commented 7 years ago

Hi, since I have been running my nextcloud in a i86x64 based VM, the speed issue hasn't occurred to me that much. Vault loading times are approx. 5s, but I wanted to try the new master anyway. However, after unzipping the master, there seems to be a specific setup needed for compiling passman - something about npm and such things, which I am actually not very good at.

I can either wait for the change to be released by you, or you tell me what I will have to install on my box to be able to run the Makefile… ;)