Difference between revisions of "GNOME/Keyring"

From ArchWiki
Jump to: navigation, search
(Use Without Gnome: added templates; fixed caps of 'GNOME'; renamed heading title)
(added templates; other minor fixes)
Line 9: Line 9:
 
== Manage using GUI ==
 
== Manage using GUI ==
 
  pacman -S seahorse
 
  pacman -S seahorse
It is possible to leave the gnome keyring password blank. In seahorse, on the Passwords tab, right click on "Passwords: login" and pick "Change password." Enter the old password and leave empty the new password. You will be warned about using unencrypted storage; continue by pushing "Use Unsafe Storage."
+
It is possible to leave the GNOME keyring password blank. In seahorse, on the Passwords tab, right click on "Passwords: login" and pick "Change password." Enter the old password and leave empty the new password. You will be warned about using unencrypted storage; continue by pushing "Use Unsafe Storage."
  
 
== Use Without GNOME ==
 
== Use Without GNOME ==
Line 59: Line 59:
  
 
== Unlock at Startup ==
 
== Unlock at Startup ==
GNOME's login manager (gdm) will automatically unlock the keyring once you login, for others it is not so easy.
+
GNOME's login manager ({{pkg|gdm}}) will automatically unlock the keyring once you log in; for others it is not so easy.
  
For SLiM, see [[SLiM#SLiM_and_Gnome_Keyring]], This method works for KDM as well, but you need to edit /etc/pam.d/kde instead of /etc/pam.d/slim.
+
For SLiM, see [[SLiM#SLiM_and_Gnome_Keyring]], This method works for KDM as well, but you need to edit {{ic|/etc/pam.d/kde}} instead of {{ic|/etc/pam.d/slim}}.
  
 
If you are using automatic login, then you can disable the keyring manager by setting a blank password on the login keyring. '''Note''': your passwords will be stored unencrypted if you do this.
 
If you are using automatic login, then you can disable the keyring manager by setting a blank password on the login keyring. '''Note''': your passwords will be stored unencrypted if you do this.
Line 67: Line 67:
 
== Useful Tools ==
 
== Useful Tools ==
 
=== gnome-keyring-query ===
 
=== gnome-keyring-query ===
{{ic|gnome-keyring-query}} from the AUR provides a simple command-line-tool for querying passwords from the password store of the Gnome Keyring.
+
{{AUR|gnome-keyring-query}} from the AUR provides a simple command-line tool for querying passwords from the password store of the GNOME Keyring.

Revision as of 18:47, 1 June 2012

This template has only maintenance purposes. For linking to local translations please use interlanguage links, see Help:i18n#Interlanguage links.


Local languages: Català – Dansk – English – Español – Esperanto – Hrvatski – Indonesia – Italiano – Lietuviškai – Magyar – Nederlands – Norsk Bokmål – Polski – Português – Slovenský – Česky – Ελληνικά – Български – Русский – Српски – Українська – עברית – العربية – ไทย – 日本語 – 正體中文 – 简体中文 – 한국어


External languages (all articles in these languages should be moved to the external wiki): Deutsch – Français – Română – Suomi – Svenska – Tiếng Việt – Türkçe – فارسی

Tango-document-new.pngThis article is a stub.Tango-document-new.png

Notes: please use the first argument of the template to provide more detailed indications. (Discuss in Talk:GNOME/Keyring#)

The GNOME Keyring stores passwords in an encrypted file that can be accessed by applications.

Manage using GUI

pacman -S seahorse

It is possible to leave the GNOME keyring password blank. In seahorse, on the Passwords tab, right click on "Passwords: login" and pick "Change password." Enter the old password and leave empty the new password. You will be warned about using unencrypted storage; continue by pushing "Use Unsafe Storage."

Use Without GNOME

It is possible to use GNOME Keyring without the rest of the GNOME desktop. To do this, add the following to your ~/.xinitrc file:

# Start a D-Bus session
source /etc/X11/xinit/xinitrc.d/30-dbus
# Start GNOME Keyring
eval $(/usr/bin/gnome-keyring-daemon --start --components=gpg,pkcs11,secrets,ssh)
# You probably need to do this too:
export SSH_AUTH_SOCK
export GPG_AGENT_INFO
export GNOME_KEYRING_CONTROL
export GNOME_KEYRING_PID

See FS#13986 for more info.

SSH Keys

To add your SSH key:

$ ssh-add ~/.ssh/id_dsa
Enter passphrase for /home/mith/.ssh/id_dsa:

To list automatically loaded keys:

$ ssh-add -L

To disable all keys;

$ ssh-add -D

Now when you connect to a server, the key will be found and a dialog will popup asking you for the passphrase. It has an option to automatically unlock the key when you login. If you check this you will not need to enter your passphrase again!

The gnome-keyring dialog does not appear in some terminals when connecting with SSH

Solution:

Add the following lines to your ~/.bashrc

SSH_AUTH_SOCK=`netstat -xl | grep -o "$HOME"'/.cache/keyring-.*/ssh$'`
[ -z "$SSH_AUTH_SOCK" ] || export SSH_AUTH_SOCK

If you run on your terminal the following:

echo $SSH_AUTH_SOCK

will return something like the following:

/home/USER/.cache/keyring-ABCDEF/ssh

Now when you connect with ssh, gnome-keyring dialog will launch the "entry of the passphrase"

Unlock at Startup

GNOME's login manager (gdm) will automatically unlock the keyring once you log in; for others it is not so easy.

For SLiM, see SLiM#SLiM_and_Gnome_Keyring, This method works for KDM as well, but you need to edit /etc/pam.d/kde instead of /etc/pam.d/slim.

If you are using automatic login, then you can disable the keyring manager by setting a blank password on the login keyring. Note: your passwords will be stored unencrypted if you do this.

Useful Tools

gnome-keyring-query

gnome-keyring-queryAUR from the AUR provides a simple command-line tool for querying passwords from the password store of the GNOME Keyring.