How to change passphrase on gnome-keyring?
Matthew Saltzman
mjs at ces.clemson.edu
Mon Jan 8 16:09:09 UTC 2007
On Mon, 8 Jan 2007, H.S. wrote:
> David Jansen wrote:
>> Is it possible (and how!) to change the passphrase of an existing
>> keyring in the gnome-keyring. The reason I want to do this: pam_keyring
>> can unlock the keyring if the passwords are identical, and I wanted to
>> start the new year with a frssh, secure new password.
>> However, I cannot find the option to change the passphrase anywhere in
>> gnome, gnome-keyring-manager, gconf etc (FC6 i386 system)
>>
>> David Jansen
>>
>
> It did this once by deleting the keyring. It asked me for a password again
> next time I logged in and I gave it the new password. Here's how I did this:
> 1. Delete the directory ~/.gnome2/keyrings
> 2. Logout of gnome session (or any other session)
> 3. Delete .gconf* files/directories from /tmp. I just deleted everything I
> owned in tmp (note that you need to delete the hidden directories as well).
>
> Next time you login, you will be asked for the keyring passphrase again when
> it is needed.
Of course, you lose the contents of your old keyring that way. You can do
something like the following, but it's a bit of a pain:
- Create a new keyring with the login password.
- Rename the keyrings by hand so the new one is the default.
- Use the keyring manager to cut and paste keys from the old ring to the
new one.
The fact that changing keyring passwords is such a pain is an impediment
to implementing secure password management policies. The keyring password
patch should be included in GNOME.
>
> GL,
> ->HS
>
>
>
>
--
Matthew Saltzman
Clemson University Math Sciences
mjs AT clemson DOT edu
http://www.math.clemson.edu/~mjs
More information about the fedora-list
mailing list