PDA

View Full Version : default keyring unlock password: howto stop



ThumbTack
9th November 2012, 04:27 PM
This has been discussed before, but at the moment, to get the information needed, it has to be pieced together from multiple sources, some of which are not in this forum, and some of the which are very old so that they don't apply directly to the recent releases of Fedora.

I will be discussing a laptop computer running Fedora 16 using the gnome desktop. The comments should apply to Fedora 15 and 17 although I cannot verify that directly. Fedora 18 is a complete unknown to me. This laptop connects wirelessly to a home network with security protection. The situation we are trying to prevent is the annoying second password request triggered by the Network Manager, a request for a password to unlock the default keyring. :dis:

Here is what I did to get rid of that request. :C

The second password request is caused by the fact that the default keyring, which is stored in ~/.gnome2/keyrings, is used to store network passwords. There are two keyrings in that directory: default.keyring and login.keyring. There is also a file Default which contains one and only one word. Before the change I am describing, that word was "default".

The first crucial step is to change that word to "login". It can be done with an editor or you can use "Passwords and Keys" from the Accessories menu (it invokes seahorse, which you can start up using the command "seahorse" from a terminal window). However you choose to start seahorse, in order to set the login keyring to be the default keyring, you right click on the login folder and select "set as default" from the drop down menu that appears. Either way, now the word in Default is "login".

If you have been running Fedora on your laptop for a while, as I have been doing, you have acquired a large number of wireless networks that you have connected to in the past. We need to get rid of the saved information about those networks. If you need to know the passwords, you will need to go through the list of networks, display the connection passwords and write them down, because what we are about to do will lose them, at least until you restore the old default.keyring file and start using it again.

The next step is to go into the keyring directory and rename both default.keyring and login.keyring to be default.keyring.0 and login.keyring.0 (say). The next time you login, a new login.keyring file will be created. The default.keyring file will no longer be present or needed.

Next, we open "Network Connections" from one of the menus, or right click on the wireless bars on the panel and select "edit connections". On the wireless tab, we go through the list and delete every entry.

Next, we go to /etc/sysconfig/networking as root, and copy the directories devices and profiles to devices.0 and profiles.0 (say). This is in case we need to go back to the previous setup. Having produced the copies, go into devices and delete every entry except for ifcfg_Auto_eth0 (or the equivalent on your machine), and go into profiles/default, and delete all the entries except for ifcfg_Auto_etho (or equivalent), hosts, network and resolve.conf. Some of these files may not be present on your setup. They are there on mine because I have assigned a static address to a number of machines on my network, including my laptop so that I can use NFS from any machine to any other machine.

At this point we have a clean slate. We logout, and log back in. The new login.keyring file is produced. We get a notification that wireless networks are available from the Network Manager. Select the one you want, enter the connection password. That password will now be stored in the new login.keyring file in encrypted form.

And in the future, you will no longer be requested for the unlock password for the default.keying file because the login.keyring file is being used as the default, and when you logged in, you unlocked that file. No more annoying second requests for an unlock password! :dance: