You are not logged in.
Hi,
having some issues with seahorse. Under Certificates i find a Keyring "Gnome2 Key Storage". Fun-Fact: Neither did i create nor do i have a password for it.
Tried all of my passwords, didn't help. I think i located the file ( home/.local/share/keyring/), but if it gets deleted a new version is created with the same (unknown) password.
And, finally, due to that reason it is not possible to import any certificates into the keyring (which seems not be necessary as it can be done via chromium and enigmail, but hey, then what is the use of this gnome keyring?!)
In an other user account the same keyring was there, just that it could be unlocked with the user password.
I'm running Arch Linux (obviously), Gnome 3.16, Chromium, thunderbird/enigmail.
I updated the System, checked the web, the arch-wiki and forum, but after some hours of effortless research, i need your help.
Did anybody have the same issues?
Does anybody have an idea how to solve it?
Thanks for the support,
Christoph
Update:
To be precise, the keyring is displayed in seahorse, while the keyring remains deleted.
-rw------- 1 christoph christoph 222K 26. Mai 16:23 Default_keyring.keyring
-rw------- 1 christoph christoph 982 27. Mai 06:23 login.keyring
-rw------- 1 christoph christoph 207 23. Mai 13:57 user.keystoreSeahorse lists:
Passwords:
Default keyring (OK)
Login (OK)
Certificates:
Gnome 2 Key Storage (locked, unknown password, unknown file location)
User Key Storage (OK, empty)
Update 2:
OK, Gnome, you store the keyrings here: ~/.local/share/keyring/ - if i delete the files, the according keyrings vanish. But where is the file locatin of "Gnome2 Key Storage"? I run Gnome 3 btw.
It's note here: ~/.gnome2/keyrings/ (directory does not even exist)
And it's not there: ~/.pki/nssdb/ (couldn't figure out what it is used for, but Gnome2 Key Storage stays after deleting)
I'll keep investigating, though any hints are appreciated, anyway.
Update 3:
~/.gnupg ? Nope.
Last edited by grey_smurf (2015-05-27 20:32:23)
Offline
Hm, seems I'm rather alone with my issue. Never mind if i keep talking to myself, it might help some future civilizations with this issue.
Problem with system certificates from the seahorse mailing list at least shows that the Gnome2 Key Storage is an Artifact. Whatever that means.
Artifact or not, i an't store certificates via seahorse becaus it keeps asking me for the mentiones, unknown and not-been-set-by-me password. Yikes.
Interesting in the post was the command
p11-kit list-modulesIt gave me (amnong others) this:
[...]
gnome-keyring: gnome-keyring-pkcs11.so
library-description: GNOME Keyring Daemon Core
library-manufacturer: GNOME Keyring
library-version: 1.1
token: SSH Keys
manufacturer: Gnome Keyring
model: 1.0
serial-number: 1:SSH:HOME
flags:
write-protected
user-pin-initialized
protected-authentication-path
token-initialized
token: Secret Store
manufacturer: Gnome Keyring
model: 1.0
serial-number: 1:SECRET:MAIN
flags:
login-required
user-pin-initialized
protected-authentication-path
token-initialized
token: Gnome2 Key Storage
manufacturer: Gnome Keyring
model: 1.0
serial-number: 1:USER:DEFAULT
flags:
login-required
user-pin-initialized
protected-authentication-path
token-initialized
[...]I guess i should look out for gnome-keyring-pkcs11.so ...
Last edited by grey_smurf (2015-05-30 09:17:08)
Offline
Found it:
/usr/lib/pkcs11/gnome-keyring-pkcs11.so
renamed it, and whoops - Gnome2 Key Storage is gone from seahorse. Not sure how to create a new file, though.
Btw.: If anybody knows better, I'd be glad to have my monologue interrupted.
Offline
OK,
pacman -S gnome-keyring
re-installs the file. The same file as before. The un-unlockable one.
Option 1)
Find out, how to make pacman install a clean, unused, unlocked key-storage
Option 2)
Lose my mind.
I'll go to bed now and decide tomorrow.
Last edited by grey_smurf (2015-05-28 20:39:59)
Offline
Just to sum up:
In seahorse, among others "Gnome2 Key Storage" is listed to user A, user B, and user C
It is locked.
It can just be opened by user B. Users A and C can not open ist, even with the right password.
The item belongs to /usr/lib/pkcs11/gnome-keyring-pkcs11.so
If you delete the file, it disappears for all users.
It gets uninstalled along with gnome-keyring.
If you re-install gnome keyring, the file re-appears again, as before just unlockable by User B.
The unlocked file is empty.
I can work as user A without any trouble, just can't import keys with seahorse.
Nobody else seems to have this issue.
And, not to forget, it's annoying to have these things uncontrolleably happen on my PC.
Last edited by grey_smurf (2015-05-29 17:47:25)
Offline
At least I'm not alone:
Certificates -> Gnome2 Key Storage folder: cannot unlock
Bug 1199290 - Unable to unlock the Gnome2 Key Storage
seahorse authentication fail
Last edited by grey_smurf (2015-05-30 09:19:58)
Offline
OK, i give up. I don't understand what's happening here, just that seahorse and/or gnome and/or seahorse and/or arch are not working properly. Just on out of three users is able to handle certificates, the rest has to live without it or re-install the whole system.
In case that someone in the future might encounter similiar issues, please answer. It would be nice not to be alone. To have someone give me some tipps on how to proceed, would be much nicer, though.
Offline
Dear all,
i finally found a solution to this problem: Wiping the disk and installing a fresh Arch-Linux helped - now i can access my keychain.
Anybody offering a more elegant solution: please post below.
regards, Christoph
Offline
You're not alone!
Unfortunately I haven't found a solution either.
Offline
To clarify: I have a workaround -- using ssh-add works as expected.
However that does not really solve the question in the thread which is how to get seahorse to do it. I have uninstalled and reinstalled seahorse, gnome-keyring and various permutations. This does solve the problem of no unlockable password for keyring, but seahorse still won't import an ssh key (nor does it show the key which was imported via ssh-add -- I suspect because it uses a different ssh-agent.)
Offline
I had the same problem with an unlockable Gnome2 Key Storage (using Ubuntu 15.10).
After searching a while, I found that "Gnome2 Key Storage" used to be called "User Keys".
Then I figured that the corresponding file must be ~/.local/share/keyrings/user.keystore. The file was timestamped with the date on which I installed the OS (on this machine I started with Ubuntu 14.10). After removing the file it was recreated and now I have a "Gnome2 Key Storage" entry in seahorse which is unlockable without a password. I am also able to successfully import certificates, which I wasn't able to do before.
Hope this helps someone.
Offline
This might be completely off, but I experienced what might just be the same infuriating problem.
Turned out to be an extreme "DUH!" thing... -_-
This is the solution for my blunder in seahorse:
View - Show All
And yes; I'm really, really embarrassed...
Offline
I've solved like this;
in seahorse, click View > Show any, and right-click on "Gnome2 Key Storage". Put my *OLD* password in the popup.
This may come from seahorse or key ring's failure to link the password with Login's one.
If you forgot your old password, you have to delete the file in the ring like spooler did.
Offline