Tuesday, June 19, 2007

Seahorse - GNOME Keyring Integration

For all of you that have set your GNOME Keyring master password and long to change it, long no more! This previously missing functionality is now available in the 2.19.4 release of Seahorse. The text entries are "secure" in that your passwords will never be paged out of memory onto the disk and with recent upgrades to gnome-keyring itself, they shouldn't be paged out there either (development branch only). Here's what the tab in the Encryption Preferences control applet looks like upon a successful change:

2 comments:

Étienne Bersac said...

Very nice !

I wonder : is it possible to use the same password for session and keyring. libpam-keyring do this, however, if you changed your session password, this does not change the keyring password.

You rock !

Unknown said...

Some questions about this:

- What about thinkfinger integration? It seems like about some of gnome password dialogs support this (gdm,console), some do in a broken way (gksudo) and others don't (keyring manager, gnome-screensaver).

- Why doesn't gnome-keyring just use your user password as the master password? Or, why can't gnome-keyring store my user password and my sudo password? One way or the other would seem more unified and consistent.

- It would be nice if gnome-keyring had some notion of "important" passwords vs everything else so that it can just go ahead and fill in the right values when I don't care sort of like firefox does when it doesn't have a master password set. Something in between where on a per password basis I can say "Always ask for master" would be cool.

- Firefox and other apps integration: Firefox reimplements exactly the same functionality. Could gnome-keyring be swapped out in the gnome native builds like they have done for print and file dialogs?

Thanks. BTW, nice job.