TW Kwallet fails to open with auto-login

That would happen if you have set the Kwallet password to blank (i.e. empty). I don’t recommend that.

I followed this thread a bit, but as I am not using automatic login (and as i would not advise it), I did not feel able to contribute. Like @nrickert , I am not sure about a few things. Like in the original situation what the password of KWallet was: same as the user password, nil, or other.

Partly this is because of how this is assumed to work. Automatic login is a feature of the Display Manager (I do not think it is mentioned above which one). The DM “knows” thus the user name of the user that must be logged in. It also avoids checking the user’s password does not know it and starts the desktop session (it can do so because it is a root owned process). It knows which is the desktop to start, Plasma, Gnome, … But it does not know the password to open KWallet. How could it?

Thus like @nrickert I wonder if it was empty.

And this citation:

is a bit confusing IMHO. While not being complete untrue, it does not explain it very well. Auto login is not a feature of Gnome, it is a feature of the Display Manager and configured in it’s configuration (as said earlier). Passwordless login is not a feature of Gnome. It starts with an empty password defined in /etc/shadow and then both the CLI login process and the DM login process skip password checking.

I mentioned I use KDE with SDDM in the very first post.

The password on the old install might very well be empty - there is no “show password” button there and I don’t want to try to change it and potentially mess it up.

I have tested both “same as login” and “empty” passwords both for a new user on the old install and on the new install. “Same as login” password does not unlock kwallet on auto-login but empty password does. That’s the conclusion to how it behaves.

Maybe this warrants a slight change in openSUSE documentation along with appropriate security warnings.

With smartphones and laptops people have become accustomed to typing their passwords in so it shouldn’t surprise or annoy anyone. Auto-login feature goes back to the early days of mimicking Windows behavior and is not enabled by default. Does Windows still allow login without authentication? In any case - the feature is available on openSUSE and now I know how it works, but “use at your own risk”, as they say.

I was simply surprised I couldn’t get my browser open through KDE autostart settings on the new install and it kept asking about kwallet password. That was annoying, but now I know how to deal with this so, as the OP, I’m satisfied.

Thank you everybody for your help and patience.

Of course not. SDDM can not know the common password because it is not typed in the login screen by the user.

Yes, it does.

Thank you for explaining this to us.

This is not obvious to an average user who sets auto-login via Yast, as God intended, because nothing in that procedure says anything about displaymanager. The sequence is “Yast → Security And Users → User And Group Management → Expert options → Login Settings”.

As you have pointed out earlier, Leap’s official documentation is not entirely correct on this topic. First, it talks only about Gnome, and then it doesn’t say anything about displaymanager being involved either. Nor does it give an option to manually enable auto-login where people could see - “Oh, I’m actually changing displaymanager config file!”

Which is absolutely irrelevant here. What matters is the fact that nowhere during login you enter your password and so cannot use anything that is encrypted with the help of your password. Users are really expected to apply at least some common sense. It is impossible to list every mouse move and every keystroke. There is no end of password managers to cover them all in a document that describes SUSE front-end for editing system settings which are not even related to password managers.

But if you think it should be explicitly documented - by all means …

… you are welcome to improve it and submit pull request.