Wednesday, March 7, 2007

Automatically unlock the default keyring on FC6

If you have NetworkManager in use on Fedora Core 6, you have probably seen this dialog box:

keyring.jpg

I got tired of entering my password every morning to unlock the default keyring, so I went looking for a solution. What I found was a module for use with PAM that would supply my system password to gnome-keyring for me. The module is called pam_keyring.so.

On Fedora Core 6 the steps that I used to implement this were:

1) As root install the module and it's documentation:
# yum install pam_keyring

2) Insert the following two lines into /etc/pam.d/gdm:
auth optional pam_keyring.so try_first_pass
session optional pam_keyring.so

Note that order is important in the gdm file. This is what my /etc/pam.d/gdm file looks like with the additions:

auth required pam_env.so
auth optional pam_keyring.so try_first_pass
auth include system-auth
account required pam_nologin.so
account include system-auth
password include system-auth
session optional pam_keyinit.so force revoke
session include system-auth
session required pam_loginuid.so
session optional pam_console.so
session optional pam_keyring.so

Now the system no longer prompts me for the default keyring password when I log in.

No comments: