Difference between revisions of "KDE Wallet"
m ("display manager" is not a proper noun) |
(→Troubleshooting: Unrelated, move to KDE) |
||
Line 82: | Line 82: | ||
Chrome/Chromium has built in wallet integration. To enable it, run Chromium with the {{ic|1=--password-store=kwallet}} or {{ic|1=--password-store=detect}} argument. To make the change persistent, see [[Chromium/Tips and tricks#Making flags persistent]]. (Setting CHROMIUM_USER_FLAGS will not work.) | Chrome/Chromium has built in wallet integration. To enable it, run Chromium with the {{ic|1=--password-store=kwallet}} or {{ic|1=--password-store=detect}} argument. To make the change persistent, see [[Chromium/Tips and tricks#Making flags persistent]]. (Setting CHROMIUM_USER_FLAGS will not work.) | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
== See also == | == See also == | ||
* [https://www.dennogumi.org/2014/04/unlocking-kwallet-with-pam/ Unlocking KWallet with PAM] | * [https://www.dennogumi.org/2014/04/unlocking-kwallet-with-pam/ Unlocking KWallet with PAM] |
Revision as of 19:59, 8 March 2018
KDE Wallet Manager is a tool to manage passwords on the KDE Plasma system. By using the KWallet subsystem it not only allows you to keep your own secrets but also to access and manage the passwords of every application that integrates with KWallet.
Contents
Unlock KDE Wallet automatically on login
- The chosen KWallet password must be the same as the current user password.
- kwallet-pam is not compatible with GnuPG keys, the KDE Wallet must use the standard
blowfish
encryption. - The wallet must be named
kdewallet
(default name). It doesn't unlock any other wallet(s).
Install kwallet-pam for the PAM compatible module.
Configure display manager
The following lines must be present under their corresponding sections:
auth optional pam_kwallet5.so session optional pam_kwallet5.so auto_start
It may be needed to edit the display manager configuration:
- For SDDM no further edits should be needed because the lines are already present in
/etc/pam.d/sddm
. - For GDM edit
/etc/pam.d/gdm-password
accordingly. - For LightDM edit
/etc/pam.d/lightdm
and/etc/pam.d/lightdm-greeter
files:
/etc/pam.d/lightdm
#%PAM-1.0 auth include system-login auth optional pam_kwallet5.so account include system-login password include system-login session include system-login session optional pam_kwallet5.so auto_start
Using the KDE Wallet to store ssh key passhprases
Install ksshaskpass package.
Create an autostart script file and mark it as executable:
~/.config/autostart-scripts/ssh-add.sh
#!/bin/sh ssh-add </dev/null
~/.ssh/id_rsa
. Assuming you have different SSH keys named key1
, key2
, key3
in ~/.ssh/
, you may add them automatically on login by changing the above script to:
~/.config/autostart-scripts/ssh-add.sh
#!/bin/sh ssh-add $HOME/.ssh/key1 $HOME/.ssh/key2 $HOME/.ssh/key3 </dev/null
You also have to set the SSH_ASKPASS
environment variable, see Environment variables#Defining variables. E.g.:
export SSH_ASKPASS="/usr/bin/ksshaskpass"
It will ask for your password and unlock your SSH keys. Upon restart your SSH keys should be unlocked once you give your kwallet password.
To add a new key and store the password with kwallet use the following command
$ ssh-add /path/to/new/key </dev/null
and append the key to the list of keys in ~/.config/autostart-scripts/ssh-add.sh
as explained above to have it unlocked upon providing the kwallet password.
KDE Wallet for Firefox
There is an unofficial Firefox addon for KDE5 Wallet integration.
KDE Wallet for Chrome and Chromium
Chrome/Chromium has built in wallet integration. To enable it, run Chromium with the --password-store=kwallet
or --password-store=detect
argument. To make the change persistent, see Chromium/Tips and tricks#Making flags persistent. (Setting CHROMIUM_USER_FLAGS will not work.)