|
|
| Zeile 27: |
Zeile 27: |
| echo opening volume privat ... | | echo opening volume privat ... |
| kwallet-query -f 'volumes' -r 'privat' kdewallet | sirikali -b stdin -d ~/.privat/ -z ~/privat/ & | | kwallet-query -f 'volumes' -r 'privat' kdewallet | sirikali -b stdin -d ~/.privat/ -z ~/privat/ & |
|
| |
| = KeePass =
| |
| #!/bin/bash
| |
| # startup keepass with a password from KWallet
| |
| walletkey=$(/usr/bin/kwalletcli -f Passwords -e KeePass)
| |
| #open Keepass
| |
| mono /opt/KeePass2/KeePass.exe --lock &
| |
|
| |
| #give keepass enough time to actually open, otherwise results are inconsistent
| |
| sleep 3
| |
|
| |
| # Tell keypass to open your password database
| |
| mono /opt/KeePass2/KeePass.exe "/home/user/Dropbox/keepass/passwords.kdbx" -pw:$walletkey
| |
|
| |
| * Then save this script somewhere (I put it in /usr/local/bin/) and then go into Settings -> startup/shutdown and tag it as a script to start when you log into KDE.
| |
| * So now I just log in, type in my Kwallet password, and KeePass opens as well.
| |
|
| |
| == Sicherheit ==
| |
| * There’s a security issue with this script, which can be reduced by not using the password directly on the comment line.
| |
| * There are two methods below, YMMV, but I ended up with this hybrid:
| |
|
| |
| #!/bin/bash
| |
| # startup keepass with a password from KWallet
| |
| walletkey=$(/usr/bin/kwalletcli -f Passwords -e KeePass)
| |
| dbpath="/home/user/Dropbox/keepass/passwords.kdbx"
| |
| echo "$walletkey" | mono /opt/KeePass2/KeePass.exe $dbpath --pw-stdin
| |
|
| |
| * This works really well, and the password is only available briefly, reducing the ease at which it can be sniffed.
| |
| * Still not 100%, but security is always a tradeoff between ease of use and effectiveness.
| |
|
| |
|
| =Links= | | =Links= |
KWallet beim Login mit SDDM entsperren
Voraussetzungen
- Benutzerpasswort und KWallet-Passwort müssen identisch sein
- TODO: apt mit relevanten Paketen
Konfiguration
# vi /etc/pam.d/sddm
Hinzufügen / anpassen:
auth optional pam_kwallet5.so
session optional pam_kwallet5.so auto_start
Anwendung
#!/usr/bin/env bash
##
## Fehlersuche
#set -xv
#exec 1>~/.openKwallet.log 2>&1
echo opening KeepassXC ...
kwallet-query -f 'keepass' -r 'keepass' kdewallet | keepassxc –pw-stdin ~/pwd/pwd.kdbx &
echo opening volume geschäftlich ...
kwallet-query -f 'volumes' -r 'geschaeftlich' kdewallet | sirikali -b stdin -d ~/.geschaeftlich/ -z ~/geschaeftlich/ &
echo opening volume privat ...
kwallet-query -f 'volumes' -r 'privat' kdewallet | sirikali -b stdin -d ~/.privat/ -z ~/privat/ &
Links
Intern
TODO
Extern
- https://wiki.ubuntuusers.de/KDE_Passwortspeicher/
- http://thisisnt.com/opening-keepass-securely-and-automatically-in-kde/