Published multiple files
All checks were successful
Build and Deploy Quartz / build (push) Successful in 26s
All checks were successful
Build and Deploy Quartz / build (push) Successful in 26s
This commit is contained in:
Quartz Syncer
107
content/10-19 LIFE/13 TECH SETUP/13.13 OS SETUP/Keychain.md
Normal file
107
content/10-19 LIFE/13 TECH SETUP/13.13 OS SETUP/Keychain.md
Normal file
@@ -0,0 +1,107 @@
|
||||
---
|
||||
publish: true
|
||||
permalink: /10-19 LIFE/13 TECH SETUP/13.13 OS SETUP/Keychain.md
|
||||
title: Keychain
|
||||
created: 2026-01-29T21:15:48.335-07:00
|
||||
modified: 2026-02-05T09:21:56.854-07:00
|
||||
tags:
|
||||
- security
|
||||
- secrets
|
||||
- gnome-keyring
|
||||
cssclasses: ""
|
||||
---
|
||||
|
||||
GNOME Keyring for managing secrets, SSH keys, and application passwords.
|
||||
|
||||
## Installation
|
||||
|
||||
```bash
|
||||
sudo pacman -S gnome-keyring libsecret seahorse
|
||||
```
|
||||
|
||||
- `gnome-keyring` — The keyring daemon
|
||||
- `libsecret` — Library for apps to access secrets
|
||||
- `seahorse` — GUI for managing keyring
|
||||
|
||||
## PAM Integration
|
||||
|
||||
Automatically unlock keyring on login.
|
||||
|
||||
Edit `/etc/pam.d/login`:
|
||||
```
|
||||
auth optional pam_gnome_keyring.so
|
||||
session optional pam_gnome_keyring.so auto_start
|
||||
```
|
||||
|
||||
For GDM/SDDM, also edit `/etc/pam.d/passwd`:
|
||||
```
|
||||
password optional pam_gnome_keyring.so
|
||||
```
|
||||
|
||||
## Hyprland Integration
|
||||
|
||||
Add to `~/.config/hypr/hyprland.conf`:
|
||||
```bash
|
||||
exec-once = gnome-keyring-daemon --start --components=secrets,ssh
|
||||
```
|
||||
|
||||
Set environment variables in hyprland.conf:
|
||||
```bash
|
||||
env = SSH_AUTH_SOCK,$XDG_RUNTIME_DIR/gcr/ssh
|
||||
```
|
||||
|
||||
Or in your shell profile:
|
||||
```bash
|
||||
export SSH_AUTH_SOCK="$XDG_RUNTIME_DIR/gcr/ssh"
|
||||
```
|
||||
|
||||
## SSH Key Management
|
||||
|
||||
### Add key to agent
|
||||
|
||||
```bash
|
||||
ssh-add ~/.ssh/id_ed25519
|
||||
```
|
||||
|
||||
### List keys
|
||||
|
||||
```bash
|
||||
ssh-add -l
|
||||
```
|
||||
|
||||
### GUI management
|
||||
|
||||
Launch Seahorse:
|
||||
```bash
|
||||
seahorse
|
||||
```
|
||||
|
||||
## Unlocking
|
||||
|
||||
If keyring doesn't auto-unlock:
|
||||
|
||||
```bash
|
||||
# Manually unlock
|
||||
gnome-keyring-daemon --unlock
|
||||
|
||||
# Or via secret-tool
|
||||
secret-tool search --unlock xdg:schema org.gnome.keyring.Note
|
||||
```
|
||||
|
||||
## Application Support
|
||||
|
||||
Apps using libsecret (most modern apps) will automatically use gnome-keyring. For apps that need explicit setup:
|
||||
|
||||
### Git credential storage
|
||||
|
||||
```bash
|
||||
git config --global credential.helper /usr/lib/git-core/git-credential-libsecret
|
||||
```
|
||||
|
||||
### VS Code
|
||||
|
||||
VS Code uses gnome-keyring automatically for settings sync.
|
||||
|
||||
## Resources
|
||||
|
||||
- Arch Wiki: https://wiki.archlinux.org/title/GNOME/Keyring
|
||||
Reference in New Issue
Block a user