Re: Keyring password

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Bradley Pursley wrote:
> Now I'd like to see if another annoying thing can be removed -
> getting rid of the prompt for the keyring password.  Since my
> machines are not used publicly, I have no desktop security issues to
> worry about and would like to know how I can keep it from prompting
> me for it in the first place.  Any ideas how to automate or remove
> this?

It's possible to have a login keyring which is unlocked automatically
when you login.  This requires you to set the keyring's passphrase to
the same passphrase as your login passphrase.

It doesn't work out of the box and it doesn't work for everyone
either.  I've got it working on F8.  I'll try to detail the steps I
took to get it working.  But for the most part, you may need to debug
this yourself if it doesn't work (and if it breaks, you get to keep
the pieces).

1) Ensure gnome-keyring-pam is installed
2) Setup /etc/pam.d/gdm [1]
3) Log out of gnome, ensure any desktop daemons have been killed
4) Restart gdm (telinit 3; telinit 5 works, as does gdm-restart)
5) Log in via the console and delete ~/.gnome/keyrings; Log out
6) Log in via gdm, when prompted for a keyring passphrase, use you
   login passphrase

Perhaps that will help.  AFAIK, that's what I did to get it working.
Hopefully I'm not missing any important steps.

[1] Here is the /etc/pam.d/gdm file from my system:
#%PAM-1.0
auth     [success=done ignore=ignore default=bad] pam_selinux_permit.so
auth       required    pam_env.so
auth       optional    pam_gnome_keyring.so
auth       include     system-auth
account    required    pam_nologin.so
account    include     system-auth
password   include     system-auth
session    required    pam_selinux.so close
session    include     system-auth
session    required    pam_loginuid.so
session    optional    pam_console.so
session    required    pam_selinux.so open
session    optional    pam_keyinit.so force revoke
session    required    pam_namespace.so
session    optional    pam_gnome_keyring.so auto_start

-- 
Todd        OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Between two evils, I always pick the one I never tried before.
    -- Mae West

Attachment: pgpmcHSVcAMRG.pgp
Description: PGP signature

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux