Auto-Unlock Keyring Manager In Ubuntu Intrepid

keyring-prompt

If you have set your Ubuntu machine to auto-login everytime you start your computer, you will find that as soon as you reach your desktop, the keyring manager will automatically pop up and ask you for the password to unlock itself and retrieve the key to connect to the wireless connection.

The keyring manager is integrated with Gnome such that when you login from the main screen, it will automatically unlock itself as well. However, if you use the auto-login function, Gnome will skip the keyring manager process and log the user in without unlocking the keyring manger.

To get rid of this annoyance, what you can do is to set a blank password for the keyring manager so that it won’t prompt you  for password everytime you login.

Do bear in mind that setting a blank password for your keyring manager will expose all your passwords to anyone that use your computer.

Go to Applications -> Accessories -> Password and Encryption Keys

keyring-manager

Go to Edit-> Preferences

Highlight the login – Automatically unlocked when user logs in entry. Press the Change Unlock Password button.

password-keyring

Enter your old password and leave blank for the new password. Click Change.

keyring-change-pwd

It will prompt you for security issue. Click Use Unsafe Storage to continue.

keyring-unencrypted-pwd

Done. Next time when you login, the keyring manager won’t prompt you for password again.

20 comments

  1. Perhaps I am missing something here Damien, because I don’t use Ubuntu as my Linux OS, but you appear to be encouraging the same sort of security levels that occur in Windows, apparently in the name of “user convenience”. One of the things that distinguishes Linux is that it encourages you to use security routines; and you are undoing them! In heavens name, WHY ? From where I stand, one of the most important aspects of Linux security is that it does work and keeps your computer secure, yet you are telling everybody: Hey, do this and you won’t be asked for an annoying Password (which does of course keep your computer secure) and guess what: “Do bear in mind that setting a blank password for your keyring manager will expose all your passwords to anyone that use your computer.” Words begin to fail me over your lack of responsibility to any user.

  2. Perhaps what is good about Ubuntu (and Linux) in general is that the users have the choice of what level of security they want to be bothered with. Frankly I appreciate this article. I have a netbook, for the wife, running Ibex that never leaves my home. For her convenience I enabled auto login and have been looking for the way to eliminate the keyring manager prompts for the wireless connection.

    Tony, maybe you should rethink your “one size fits all” approach to security and celebrate the fact that Linux, in contrast to Windows, allows us all to do what we want.

  3. @TonyY: While what you say are true, there are many instances where security is not the utmost important thing in every one’s mind. In cases such as when your computer never leave your house or you are the only user to your computer, you can safely reduce the security setting (not eliminate totally) and enjoy greater convenience. Furthermore, I did mention in the article that setting a blank password for the keyring manager will expose all your password, and at the end, the keyring manager also pop up a warning to mention that this is Unsafe. I guess these are sufficient warnings to inform people about the decision they are going to make.

    @JeffH0821: Great point there.

  4. Damien and Jeff: Both of you make excellent points and thankyou for entering the debate so pleasantly. :-) I make a first point which I think is very valid: both of you are experienced users who seriously KNOW what you are about, therefore you know the risks in each situation. In your very special case Jeff, of course I would have no worries at all, and I would do it myself. Nor do I worry in the case of my own wife who has a dual boot PC and exposes WinXP to an internet connection via a firewall, but never uses that part of her computer on the internet.

    My concern in this article was that the very, very limited user will come along, see this sort of message and think: Hey, I see the warning, but obviously I can get away with this otherwise it wouldn’t be stated here that I can do it. And operating without password security is just the sort of thing I am sooooo used to in Windows that I am sure I can ignore it in Linux and go…..and then wonder why disaster strikes. To recap, to an experienced Linux user who recognises and can control the situation, no problems, and you are both absolutely right in that respect; but to a total newcomer who did this…..QED perhaps ? On the surface the article seems to suggest that you can use just those negative security concepts that Windows has fostered for 14 years or more. I am probably being very picky, but for 10 years now, I have had password control under all aspects in Linux “bashed into me” and I react if I see any attempt to reduce it. Afterall, what is the real problem with entering a password if it retains ALL security ?? And every Windows machine shows the problems that can arise without a properly secured OS.

    And you are right, of course, about choice. I would choose to leave the password there; then I know the computer is always secure, or at least as secure as I can make it.

  5. I aggree with TonyY. this practice of autologin,etc should be discouraged. it is setting the ground work for insecure computing practices. reminds me of windows. if a user is too lazy to type a user/password, then they should be using windows and dealing with the security/infection problems of windows.

  6. Autologin is interesting in some cases. For example with my laptop, I already enter a password during the boot to decrypt the partition with my data. In this case the session login is useless.

    Note: for Jaunty (9.04) the second step is slightly different: you have a new tab “Passwords” in the main window (not in Edit/Preferences).
    Then you right-click “Passwords: login” and choose “Change Password”.

  7. Not sure what I am doing wrong here but I got the following error message:

    Couldn’t change keyring password.

    Access Denied

    I then tried to change the password to something more simple, and got the same error message.

  8. Damien, firstly Thank you! I had been very annoyed by this popup and your clear explanation worked perfectly for me.

    TonyY, before instantly saying this is a bad thing you should consider that there are many scenarios. I’m setting up a Boxee install on Ubuntu using this machine as a media player connected to a TV. I have no need what so ever for password boxes popping up on screen when all I want to do is use it to watch TV. Security is all well and good and should be applied appropriately. When it’s not appropriate for it to be intrusive, I should be able to tell it to go take a hike. I’m grateful to people like Damien for posting fixes for things that are extremely annoying and in a particular scenario such as mine are definitely not needed and just get in the way.

  9. thx a lot.
    i was starting to get nigthmares about that damn pop up.
    in my case, as far as i know, the only password that get compromised is the WIFI key, and if someone get access to my laptop, that key would be the last of my concerns.

    • nice fix!

      in this security debate I think roger has a good point:

      does this ONLY expose your wifi keys (as I would expect)
      or for some strange reason does this expose “all your passwords” (including user passwords)?

  10. Just loaded v9.04 – was feeling a little brave at the time. When loading it asks whether you want automatic login, I ticked the box and everything works well, no pop-ups. But don’t do the same until the release unless, like me, you have more than one computer.

  11. Tony and Neo, I agree with Stuart on this point. It depends on the circumstances.

    I am also setting a media PC (MythTV) that will sit next to my TV in my bedroom and won’t even have a keyboard/mouse attached. All I need to control the interface is the remote, and everything else is taken care of over SSH.

    In that case, it is *vital* that I do not have a password box popping up every time the computer is turned on which is frequent as it is not the main MythTV machine.

    I believe that a warning as such is valid because it is unlikely someone will find out this information unless they are already looking for it.

  12. I have just installed Eeebuntu 3.o on my Eee PC900. This has given me Ubuntu 9.04. I also chose automatic login and now I am plagued by the request for a keyrin g password.

    When I try Damien’s fix above, it doesn’t work for me because when I go to my Personal Keys, and then to Edit/Preferences, the only tabs visible are Key Servers and Key Sharing. There is no tab for Password Keyrings.

    What should I do?

  13. thank you!!! finally i find this, i’ve tried two other fixes that do nothing or break it and this was hard to find!

  14. The interface has changed since 9.04.

    On the main screen, right click on the Passwords:login field and select Change Password

  15. Thank You for the concise anwser. I have a netbook at home that I use as a web and ftp server. I work away from home from in a remote location for 2-4 months at a time and use this to get pictures of my wife and son. I administer the machine via ssh over a slow satellite link. It was really getting annoying to have to call my wife (over sat phone) to remind her to re-enter the password everytime the machine rebooted due to updates or power loss. Because it waits for local user input before connecting to the wireless I was going days without access to my machine! I agree with some of the comments that security should be kept in mind, but to everything there is a purpose! Thanks again, Cheers.

  16. Using this “fix” you say goodbye to your passwords on your computer.

    However, having boxes like these, is making Ubuntu REALLY REALLY annoying. Dialog boxes are NOT good UI practice, no matter what. We don't have to copy Windows' mistakes here.

    For those of us who prefer having our computer act as a server (we have more than one computer in the house thank you very much!!), this “fix” is unfortunately necessary. This is a BIG security fault with Ubuntu, nothing else (this dialog box is unacceptable).

Comments are closed.

Sponsored Stories