Welcome!
Forum users

Current releases
--MX-23 release info here
--Migration information to MX-23 here
--antiX-23.1 (Arditi del Popolo) release info here

Important information
--If in starting your system it boots to an unwanted Desktop, right click desktop, then select leave and logout. At the
login screen there is a session chooser at the top of the screen.

News
-- MX Linux on social media: here
-- New Forum Features, Marking Solved and Referencing a User: here

Gnome-keyring - unlocked

Post Reply
Message
Author
User avatar
dreamer
Posts: 738
Joined: Sun Oct 15, 2017 11:34 am

Re: Gnome-keyring - unlocked

#61 Post by dreamer »

fehlix wrote: Fri Oct 05, 2018 6:17 pm Could you check "sometimes" with "Password and Keys" the login-keyring is locked or shows unlocked after logged in.
Are there more than one keyring there? Another keyring with name "login" which is not a login-keyring :confused:.
Is gnome-keyring-secrets starting in autostart?
Problem solved. Thanks, fehlix. :happy:
Secret Storage Service (GNOME Keyring: Secret Service)

Code: Select all

/usr/bin/gnome-keyring-daemon --start --components=secrets
This checkbox wasn't marked in Application Autostart. Evolution, Skype and Chrome now start without keyring prompt. I have only one keyring and it is unlocked.

Here is the updated procedure:
1. install libpam-gnome-keyring AND MAKE SURE the service is marked in Application Autostart
2. delete everything in "Password and Keys" application unless you have something important there
3. delete ~/.local/share/keyrings
4. reboot

User avatar
c4os
Posts: 29
Joined: Tue Jun 19, 2018 12:28 pm

Re: Gnome-keyring - unlocked

#62 Post by c4os »

I'll get an error with the command:

Code: Select all

$ /usr/bin/gnome-keyring-daemon --start --components=secrets
** Message: couldn't access control socket: /run/user/1000/keyring/control:  Datei oder Verzeichnis nicht gefunden
"Datei oder Verzeichnis nicht gefunden" means file or directory not found.
Courious, there is a file called control:

Code: Select all

$ ls -l /run/user/1000/keyring/
insgesamt 0
srwxr-xr-x 1 c4os c4os 0 Okt  9 09:33 control
And ssh still asks me for the password of my ~/.ssh/id_rsa.
My look on the autostart commponents found an agent for ssh. But this wont also help.

Code: Select all

$ /usr/bin/gnome-keyring-daemon --start --components=ssh
SSH_AUTH_SOCK=/run/user/1000/keyring/ssh
ssh still asks my password.
Maybe I need Gnome terminal to bring it to work?
But I want to keep my lovely Terminator.

Will my ssh and gpg keys removed from my system when I delete it's from password and encryption app?

The only one which works on my side with ssh is:

Code: Select all

$ ssh-add ~/.ssh/id_rsa
Enter passphrase for /home/c4os/.ssh/id_rsa: 
Identity added: /home/c4os/.ssh/id_rsa (/home/c4os/.ssh/id_rsa)
Powered on: MX 17 Horizon x86_64
Hardware: Dell Latitude E4300 - CPU: Intel Core 2 Duo P9600 (2) @ 2.535GHz - Memory: 4GB
Style: Resolution: 1280x800 - WM Theme: Balou - Theme: Blackbird [GTK2/3] - Icons: Papirus-Dark [GTK2]

User avatar
fehlix
Developer
Posts: 10275
Joined: Wed Apr 11, 2018 5:09 pm

Re: Gnome-keyring - unlocked

#63 Post by fehlix »

c4os wrote: Tue Oct 09, 2018 4:16 am I'll get an error with the command:

Code: Select all

$ /usr/bin/gnome-keyring-daemon --start --components=secrets
** Message: couldn't access control socket: /run/user/1000/keyring/control:  Datei oder Verzeichnis nicht gefunden
That's a message is to inform that no running daemon exists, so it will create a new gnome-keyring control-soccket.
c4os wrote: Tue Oct 09, 2018 4:16 am ssh still asks my password.
Maybe I need Gnome terminal to bring it to work?
But I want to keep my lovely Terminator.
The keyring component starts from with autostart, no need for gnome terminal.
We need to look into this, to find a way to fix this.
c4os wrote: Tue Oct 09, 2018 4:16 am Will my ssh and gpg keys removed from my system when I delete it's from password and encryption app?
"Password and Keys" provides not only access to gnome-keyring, but also to your gpg-keyring and ssh-key's.
So yes you can remove within Password and Keys (Seahorse), your gnupg and ssh-key , if you like :happy:
c4os wrote: Tue Oct 09, 2018 4:16 am The only one which works on my side with ssh is:

Code: Select all

$ ssh-add ~/.ssh/id_rsa
Enter passphrase for /home/c4os/.ssh/id_rsa: 
Identity added: /home/c4os/.ssh/id_rsa (/home/c4os/.ssh/id_rsa)
Yea, using ssh-add + ssh- agent seem to be the most reliable way to deal with single-sign-on ssh-authentication.
Gigabyte Z77M-D3H, Intel Xeon E3-1240 V2 (Quad core), 32GB RAM,
GeForce GTX 770, Samsung SSD 850 EVO 500GB, Seagate Barracuda 4TB

agrendel
Posts: 14
Joined: Fri May 18, 2018 3:23 pm

Re: Gnome-keyring - unlocked

#64 Post by agrendel »

It's all very confusing :confused:
Should there separate Login keyring as well as the default and should they both be left open after I run Chromium or Geary?
I followed the the procedure described after "Default keyring already exists" in the Wiki mentioned in this subject. I had already installed libpam-gnome-keyring but I never saw the mention of "Automatically unlock this keyring whenever I’m logged in" when unlocking the Default keyring. However, on logging back in I briefly saw a mention of this automatic option already ticked in a pop-up immediately after I entered my normal user password.
Now everything sees to work without any requests to re-enter passwords as mentioned by some other users here. However, as I mentioned, I'm a bit concerned that both keyrings are left permanently open as long as I'm logged in. Is this normal?

agrendel
MX 17.1_x64 Horizon: Thinkpad X220, Core i5-2540M, 8GB RAM Kernel 4.15.0-1-amd64

User avatar
fehlix
Developer
Posts: 10275
Joined: Wed Apr 11, 2018 5:09 pm

Re: Gnome-keyring - unlocked

#65 Post by fehlix »

agrendel wrote: Thu Nov 01, 2018 7:30 am Should there separate Login keyring as well as the default and should they both be left open after I run Chromium or Geary?
It depends, if the login keyring is also marked as "default" an application might "decide" to use this "default" login-keyring.
Not sure about Geary, some applications requesting to use a keyring with the name "default" some other with the property "default".
agrendel wrote: Thu Nov 01, 2018 7:30 am However, as I mentioned, I'm a bit concerned that both keyrings are left permanently open as long as I'm logged in. Is this normal?
Well, that's per design. If you want to lock the keyrings manually, you can bind a desktop-shortcut or a keyboard-shortcut to this command:

Code: Select all

gnome-keyring-daemon --replace --daemonize
After running the command, gnome-keyring will be restarted and by this goes into the state of locked keyrings.
Note: If you would now restart Chromium or Geary, you will get prompted to enter the password for
the used "default" keyring. You can check the used password of the "default" keyring by changing password e.g. using the identical password
within Password and Key (aka Seahorse).

If you are still confused, don't hesitate to formulate the unknown :blindfold:
:puppy:
Gigabyte Z77M-D3H, Intel Xeon E3-1240 V2 (Quad core), 32GB RAM,
GeForce GTX 770, Samsung SSD 850 EVO 500GB, Seagate Barracuda 4TB

agrendel
Posts: 14
Joined: Fri May 18, 2018 3:23 pm

Re: Gnome-keyring - unlocked

#66 Post by agrendel »

Many thanks fehlix for your prompt and very complete reply. As I have a mini-PC also running mx-linux now I decided to try the same operation as on my Thinkpad and the result was more or less the same except that I had to log back in twice for the automatic opening of the default and log-in keys to be completed. The first login asked for my password but had the box "Automatically unlock this keyring whenever I’m logged in" already ticked so on the second login the second key was added and both are now unlocked. Works fine.
MX 17.1_x64 Horizon: Thinkpad X220, Core i5-2540M, 8GB RAM Kernel 4.15.0-1-amd64

User avatar
namida12
Posts: 437
Joined: Sun Apr 01, 2007 4:54 pm

Re: Gnome-keyring - unlocked

#67 Post by namida12 »

fehlix,

I certainly hope this is fixed and does not require any fixes for new or experienced users of MX-18 or MX-17.2 in the forthcoming release...

JR

User avatar
dphn
Posts: 126
Joined: Sun Nov 25, 2018 7:26 am

Re: Gnome-keyring - unlocked

#68 Post by dphn »

Hello to all. I'm new to this forum.

Hope the next release comes per default with libpam-gnome-keyring. In Xfce DE you must also set Settings>Session and Startup>Advanced and selecting Launch Gnome Services on Startup per default. Works nicely.
for those with an eye for the finer details...

User avatar
Jerry3904
Administrator
Posts: 21859
Joined: Wed Jul 19, 2006 6:13 am

Re: Gnome-keyring - unlocked

#69 Post by Jerry3904 »

Welcome, and thanks for the tip.
Production: 5.10, MX-23 Xfce, AMD FX-4130 Quad-Core, GeForce GT 630/PCIe/SSE2, 16 GB, SSD 120 GB, Data 1TB
Personal: Lenovo X1 Carbon with MX-23 Fluxbox and Windows 10
Other: Raspberry Pi 5 with MX-23 Xfce Raspberry Pi Respin

User avatar
fehlix
Developer
Posts: 10275
Joined: Wed Apr 11, 2018 5:09 pm

Re: Gnome-keyring - unlocked

#70 Post by fehlix »

dphn wrote: Tue Nov 27, 2018 12:30 pm In Xfce DE you must also set Settings>Session and Startup>Advanced and selecting Launch Gnome Services on Startup per default.
Not necessarily. For unlocking (and/or creating) the default keyring libpam will already trigger gnome-keyring-daemon at login-time. So there is no need to start gnome-keyring again, it might even conflicting with the already running daemon. Only for additional keyring-components like ssh-agents or certificat-access additional autostart-entries might need to get turned on.
At least this is the theory. Anyway for any app which really does not work without the already running daemon, we migth have a look for find the reason for this.
:puppy:
Gigabyte Z77M-D3H, Intel Xeon E3-1240 V2 (Quad core), 32GB RAM,
GeForce GTX 770, Samsung SSD 850 EVO 500GB, Seagate Barracuda 4TB

Post Reply

Return to “Software / Configuration”