[pkg-fso-maint] Bug#869399: unlock keyring automatically at startup
Ryan Tandy
ryan at nardis.ca
Thu Aug 3 18:23:03 UTC 2017
Hi,
On Sun, 23 Jul 2017 10:35:39 +0800 =?utf-8?B?56mN5Li55bC8?= Dan Jacobson <jidanni at jidanni.org> wrote:
> https://bugzilla.gnome.org/show_bug.cgi?id=784992#c2 says
> It's a distribution bug for the keyring to not be unlocked automatically at startup.
As I understand it, usually the GNOME keyring is encrypted with your
login password. When you log in via e.g. GDM with a password, the PAM
stack passes your password to a module that unlocks the keyring (in
memory only, of course).
Since you log in via nodm without a password, the stack never sees your
password in the clear, and so I suspect it's not actually possible to
automatically unlock the keyring in the same way.
I believe it's possible to store the GNOME keyring unencrypted, if
that's what you want (based on reading your comments in the upstream
report). In seahorse ("Passwords and Encryption Keys") you should be
able to change the keyring password to an empty password. If I'm
remembering correctly, that should remove the prompts to unlock - with
the tradeoff that you are storing your secrets on disk *completely
unsecured*.
hope that helps,
Ryan
More information about the pkg-fso-maint
mailing list