[pkg-fso-maint] Bug#869399: unlock keyring automatically at startup

Ryan Tandy ryan at nardis.ca
Thu Aug 3 18:23:03 UTC 2017


On Sun, 23 Jul 2017 10:35:39 +0800 =?utf-8?B?56mN5Li55bC8?= Dan Jacobson <jidanni at jidanni.org> wrote:
> https://bugzilla.gnome.org/show_bug.cgi?id=784992#c2 says
> It's a distribution bug for the keyring to not be unlocked automatically at startup.

As I understand it, usually the GNOME keyring is encrypted with your 
login password. When you log in via e.g. GDM with a password, the PAM 
stack passes your password to a module that unlocks the keyring (in 
memory only, of course).

Since you log in via nodm without a password, the stack never sees your 
password in the clear, and so I suspect it's not actually possible to 
automatically unlock the keyring in the same way.

I believe it's possible to store the GNOME keyring unencrypted, if 
that's what you want (based on reading your comments in the upstream 
report). In seahorse ("Passwords and Encryption Keys") you should be 
able to change the keyring password to an empty password. If I'm 
remembering correctly, that should remove the prompts to unlock - with 
the tradeoff that you are storing your secrets on disk *completely 

hope that helps,

More information about the pkg-fso-maint mailing list