Hi,

Let's look at gnome-keyring-prompt related issues:

1) It offers possibility to copy a secret (i.e SSH, PGP passwords) into the login keyring (that I like to be unlocked while I am logged in), but there is no possibility to copy that secret to another keyring. And this cannot be accomplished either in seahorse - D&D and copy/paste do not work and there's no way to create it manually. So I have 3 possibilities:

a) leave my secrets unprotected all the time I am logged in
b) do not unlock login keyring by default, but then I am forced to manually unlock the ring even for not-so-secret passwords and, moreover, there is missing "forget instantly" option in gk-prompt. c) leave SSH and PGP passwords outside the login keyring, but then I must remember them - or store them in another secrets keeping application, but keyboard grabbing prevents accessing it.

2) If keyboard is grabbed with no possibility to release it, how I am suppose to generate or to enter just generated password? How copy the password from an e-mail, IM message, text file etc.?

Gk-prompt may also be displayed at the end of a long chain of preceding actions/events. Being forced to repeat all steps/or take additional actions because I forget to copy the password into the clipboard, or didn't know I will need it, is rather painful.

So you need a secrets keeping application to keep secrets for a secrets
keeping application?

Hmm, gnome-keyring or precisely suboptimal/obsoleted ways other applications are using it, in combination with the only and too primitive user interface - seahorse and limiting gk-prompts was never general purpose secrets keeping facility fulfilling my needs. IMHO it is intended to be one, but seemingly it will not be the case for foreseeable future.

I blame most applications are storing/retrieving secrets in a way only they understand - storing secrets as a generic secret type with application-specific properties, using only login (or even 'default') or some hard-wired keyring and not bothering to search other keyrings.

Seahorse has still VERY limited scope of usage and except SSH and PGP keys that are pretty useful already, there is only one more secret type user can create/edit - generic secrets reduced to description (limited to 32 chars) with associated password pairs. I know this is limitation in seahorse, not in gnome-keyring, but this does not change anything. For these and many more reasons seahorse cannot still replace GUI of other secrets keeping applications.

Not mentioning gnome-centric attitude and the absence of any command line interface or dbus support (not sure if it is not ready - I cannot find any API though) to be able to use it with scripts/applications not using libgnome-keyring.


Way to go.


How can I move my entire secrets collection consisting of hundreds accounts of many types including real-life secrets, organized in tree-like structure, with descriptions and additional information to gnome-keyring and be able to effective use them even in applications or scripts that do not use gnome-keyring library, and manage them via GUI interface?

I would like to use gnome-keyring for all my secrets but it is too far from being sufficient.


--
Regards,
Petr Gajdůšek



--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]

Reply via email to