Unlock all private keys on Ubuntu, entering password only once at login

Solution 1

1) Create the public key by following these steps:

The first step involves creating a set of RSA keys for use in authentication. This should be done on the client. To create your public and private SSH keys on the command-line:

mkdir ~/.ssh
chmod 700 ~/.ssh
ssh-keygen -t rsa

You will be prompted for a location to save the keys, and a passphrase for the keys. This passphrase will protect your private key while it's stored on the hard drive and will be required to use the keys every time you need to log in to a key-based system:

Generating public/private rsa key pair.
Enter file in which to save the key (/home/b/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/b/.ssh/id_rsa.
Your public key has been saved in /home/b/.ssh/id_rsa.pub.

2) You must add your private key (this might not be secure, but you can still do it):

ssh-add ~/.ssh/id_rsa

Source: Ubuntu Wiki.
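Before loading keys into an agent with ssh-add, it helps to confirm that every private key on disk actually carries a passphrase and has tight permissions. The script below is an added example, not part of the original answer; key_state and audit_keys are hypothetical helper names, and it assumes OpenSSH's ssh-keygen is installed.

```shell
#!/bin/sh
# Added example (not from the original answers): report which private keys in
# a directory are stored without a passphrase. Assumes OpenSSH's ssh-keygen.

# key_state FILE -> prints: encrypted | unencrypted | bad-permissions | not-a-key
key_state() {
    f=$1
    # Skip anything that is not a PEM/OpenSSH private key (e.g. *.pub, config).
    grep -q -e '-----BEGIN .*PRIVATE KEY-----' "$f" 2>/dev/null ||
        { echo not-a-key; return 0; }
    # ssh-keygen refuses keys readable by group/other, which would otherwise
    # look like a passphrase failure, so check the mode bits first.
    perm=$(ls -ld "$f" | cut -c5-10)
    [ "$perm" = "------" ] || { echo bad-permissions; return 0; }
    # -y derives the public key; with an empty passphrase (-P "") this only
    # succeeds when the key is unencrypted. Any failure is treated as
    # "passphrase required" (a corrupt key file would also land here).
    if ssh-keygen -y -P "" -f "$f" </dev/null >/dev/null 2>&1; then
        echo unencrypted
    else
        echo encrypted
    fi
}

# audit_keys [DIR] -> lists every private key with its state; returns 1 if
# any key is unencrypted or has loose permissions, 0 otherwise.
audit_keys() {
    dir=${1:-$HOME/.ssh}
    rc=0
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        state=$(key_state "$f")
        case $state in
            not-a-key) continue ;;
            encrypted) ;;
            *) rc=1 ;;
        esac
        printf '%-16s %s\n' "$state" "$f"
    done
    return "$rc"
}

# Run the audit only when a directory is passed: sh audit_keys.sh ~/.ssh
if [ "$#" -gt 0 ]; then audit_keys "$1"; fi
```

A key reported as unencrypted can be given a passphrase in place with ssh-keygen -p -f followed by the key file.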

Solution 2

Go to System / Preferences / Passwords and Encryption Keys to see your keyrings.

All the keys / passwords you want to unlock when you login must be in the login keyring.

If they are in other keyrings, delete them, and next time you are asked for the password there should be an option in the pop-up window to store it in the login keyring. (I think you cannot just copy from one to another, you need to delete.)

Depending on your case, things may be slightly different. If the above doesn't work then please attach a screenshot of the pop-up window you get with all advanced options expanded.

Solution 3

Set your keyring password to be the same as your log-in password, not blank. This will achieve your goal of unlocking the keyring on log-in, and will keep the keyring itself protected with a password as well. This is, in fact, the default behavior for a new setup, so likely you changed your password at some point, or specifically set a different password on your keyring. Change one or the other so they both match, and everything will unlock when you log in.

Author: conradlee

Updated on September 18, 2022

Comments

  • conradlee
    conradlee over 1 year

    I log in to Ubuntu 12.04 using a password. Later on, when I use my browser (Chrome), I'm asked for a password to unlock the keychain so that the browser can access my saved credentials for various websites (it's the same password). Also, whenever I use SSH to connect to other computers using my private key, I am prompted for the same password to unlock my private key.

    How can I make it so that I am asked for my password exactly once per login (given that my login password is the same as the one I use for all my private keys)? One important requirement: all of my private keys should have a password. This means that I will have to type in one password on login, which will unlock some key which in turn decrypts the passwords for all other keys (which are also unlocked). It also means that if someone else gets access to my private keys, they will not be able to use them without at least one password.

    Probably someone will try to label this question as a duplicate of this question, this question, or this question. While these questions are similar, none of them explicitly say that there still needs to be a password entered on login, as I am demanding here. As a result, the accepted solutions just say "set your passwords to blank"--I don't want that, it's dangerous! So I am aware of the similar questions, but none of them has received the correct answer yet, because they are slightly different.

    • Admin
      Admin about 12 years
      Can you please check if this solves your issue? askubuntu.com/questions/78344/…
    • Admin
      Admin about 12 years
      That solution isn't great because it requires that my most important key is not protected by a password. I updated the question to make it clear that all keys must be protected by a password.
  • dobey
    dobey about 12 years
    He should set the password of the keyring to the same as his log-in password, actually. Having the keyring be password protected is a requirement.
  • conradlee
    conradlee about 12 years
    Actually, all my passwords are the same (I mention this in the question post), and yet I'm not getting the desired once-off authentication on login. Originally though, not all my passwords were the same---I made this change only after reading somewhere that that might solve my problem. It could be that I need to run some command to make Ubuntu realize that all keys use the same password. Any ideas?
  • dobey
    dobey about 12 years
    I don't believe Chrome uses the system keyring, and has its own password store; so I don't think there is any way to have it unlock when you log in. The same is also true for Firefox. Having your ssh keys have the same passphrase as you log in with probably doesn't help either. However, gnome-keyring does support storing ssh key passphrases. I suppose you're confusing the concept of keyring to be a single thing for your user, when actually there are several of them. If you run seahorse, you can see which ones gnome-keyring is managing.
  • dobey
    dobey about 12 years
    This is not entirely true. They can be in any keyring, so long as it is set to be the default keyring.
  • Eliah Kagan
    Eliah Kagan almost 12 years
    @dobey When did that start? I remember successfully setting blank keyring passwords as late as 11.04.
  • dobey
    dobey almost 12 years
    @EliahKagan It's not a requirement of gnome-keyring for there to be a password. It was a requirement of the person asking the question here. However, using a blank password is insecure, and anyone who obtains your keyring files will be able to read your passwords out of it immediately.