Logging into your Linux desktop may require you to enter several passwords to unlock diverse services. You could be prompted right at the beginning or whenever you happen to use those services for the first time. Here are the components I am aware of that need a password:
- your account
- ssh private keys loaded by the ssh agent
- the Gnome Keyring
- browser master password
- mail program master password
- other password managers (like Revelation)
Wouldn't it be nice if one password unlocked them all?
Well, to some degree that is possible and I am aware of two ways to achieve this.
One is Linux-PAM. With appropriate PAM plugins you can have other services started and unlocked when you login to your system. This will not work in all cases. For example PAM cannot unlock your browser's master password since the browser is not started as a service.
The other way is the Gnome Keyring. The Keyring is a daemon that stores keys (passwords) for other application. The trick here is these other applications need to use the Gnome Keyring instead of storing passwords themselves. Very few applications do that.
Ideally PAM would start and unlock the Keyring daemon and all the other apps would use the Keyring to store passwords. This would provide a very smooth experience.
I will follow up with details about configuring some of these services in future posts.
Technorati Tags: 
No comments yet
Post new comment