3
0
I have a Fedora 15 laptop with the root and home partitions encrypted using LUKS. When it boots I have to enter a pass phrase to unlock the master key, so I have it configured to automatically log me in to my account. However, GnomeKeyring remains locked, so I have to enter another pass phrase for that. This is unpleasant and completely pointless since the entire disk is encrypted.
I've not been able to find a way to configure GnomeKeyring to store its pass phrases without encryption. For example, I was not able to find an answer here:
http://library.gnome.org/users/seahorse-plugins/stable/index.html.en
Is there a solution? If not, is there a mailing list where it would be appropriate to plead my case?
antimeme
Posted 2011-06-24T15:40:57.813
Reputation: 33
Edit: I think having an encrypted keyring is not as you said, completely pointless, even on a fully encrypted system partition. What about (local or remote) exploits that would allow to extract the keyring file? That does not even require root privileges... But indeed, in Gnome the keyring seems to have no timeout, and stays practically unlocked all the time, so that is probably not really more secure – nodiscc – 2011-06-26T23:26:52.050
This suggestion solved the problem, so thank you. Because Gnome 3 is relatively new I had to hunt a bit to find out how to get it done: go to Activites, click on Applications, scroll to Passwords and Encryption Keys (clicking Accessories may speed this up), right click on Passwords: login and choose Change Password. – antimeme – 2011-06-28T17:44:31.937