Results 1 to 5 of 5

Thread: 11.4 gnome not auto-unlocking default keyring

  1. #1

    Default 11.4 gnome not auto-unlocking default keyring

    NetworkManager stores its connection secrets in a keyring called "default". I am prompted to supply the keyring password every time I log in, regardless of whether I select the "automatically unlock this keyring when I log in" radio button. Has anyone else experienced this, and is there a fix?

  2. #2
    Join Date
    Aug 2010
    Location
    Chicago suburbs
    Posts
    12,504
    Blog Entries
    3

    Default Re: 11.4 gnome not auto-unlocking default keyring

    I have just been through all of that on one of my systems.

    Sorry if this comes through as confusing. Just ask questions as needed.

    It seems that gnome has a "login" keyring and a "default" keyring. The "login" keyring is unlocked during login, but the "default" keyring is not.

    In my case, I was running KDE with the gnome network manager applet, and there were no keyrings. So it created the default keyring for that.

    As best I can tell, automatic login keyring open requires:

    1: You need the right magic incantation in the PAM setup. It is probably there. However, it was not there in the system that I setup using the 32bit KDE live CD (and later added gnome). I had to modify the PAM configuration to get it working there.

    2: You have to be running gdm (not kdm) as the display manager. Maybe lxdm would also work, but I haven't tried that because it is not listed in the Yast menu for setting this.

    3: You have to login to the session. If you use automatic login on boot, then the keyring won't be unlocked.

    4: You have to be running gnome or XFCE. It seems that the gnome keyring is not unlocked if you login to LXDE or KDE.

    If you think you have all of those in place, then:

    (a) logout of your session.
    (b) login at a virtual console (use CTRL-ALT-F1)
    (c) remove all of the files in $HOME/.gnome2/keyrings/
    (d) logout, use CTRL-ALT-F7 to return to the GUI

    When you next login to gnome, you will have to reconfigure the network. The network keys will have been lost in the files that you deleted. But this time, they will go into the login keying instead of the default keyring. And that should be auto-opened during login.

    I hope that helps.

    *** On that magic incantation bit: The file "/etc/pam.d/common-auth-pc" file is supposed to have a line
    Code:
    auth  optional        pam_gnome_keyring.so
    That line was missing on my install from the live KDE cd.
    openSUSE Leap 15.1; KDE Plasma 5;
    testing Leap 15.2Alpha

  3. #3

    Default Re: 11.4 gnome not auto-unlocking default keyring

    Thanks, that worked well, although I would like to add an item (c.1) to your checklist. Namely, one should also the default keyring in seahorse in addition to removing all entries in ~/.gnome2/keyrings/.

  4. #4
    Join Date
    Aug 2010
    Location
    Chicago suburbs
    Posts
    12,504
    Blog Entries
    3

    Default Re: 11.4 gnome not auto-unlocking default keyring

    Great. I'm glad you have it working.
    openSUSE Leap 15.1; KDE Plasma 5;
    testing Leap 15.2Alpha

  5. #5
    Join Date
    Aug 2010
    Location
    Chicago suburbs
    Posts
    12,504
    Blog Entries
    3

    Default Re: 11.4 gnome not auto-unlocking default keyring

    An update on this.

    I have now experimented with using "lxdm" as display manager.

    It seems that, with "lxdm", the gnome login keyring is auto-opened when you login to LXDE, but not when you login to gnome or XFCE. I'll go back to using "gdm" on that test system. I continue to use "kdm" (and KDE) on my main system, and I do prefer "kdm".
    openSUSE Leap 15.1; KDE Plasma 5;
    testing Leap 15.2Alpha

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •