KDE Wallet
KDE Wallet Manager is a tool to manage the passwords on your KDE Plasma system. By using the KWallet subsystem it not only allows you to keep your own secrets but also to access and manage the passwords of every application that integrates with KWallet.
Contents
Unlock KDE Wallet automatically on login
If your KWallet password is the same as your username password, you can unlock your wallet automatically on login.
Install kwallet-pam package. Then edit your login manager pam file and add the lines under their corresponding sections:
-auth optional pam_kwallet5.so -session optional pam_kwallet5.so auto_start
For LightDM, for example, edit /etc/pam.d/lightdm
and /etc/pam.d/lightdm-greeter
files:
/etc/pam.d/lightdm
#%PAM-1.0 auth include system-login -auth optional pam_kwallet5.so account include system-login password include system-login session include system-login -session optional pam_kwallet5.so auto_start
For SDDM, just edit the sddm file like this to get kwallet5 to auto-unlock:
/etc/pam.d/sddm
auth include system-login -auth optional pam_kwallet5.so account include system-login password include system-login session include system-login -session optional pam_kwallet5.so
After restarting your wallet should unlock automatically if your user password is the same as your KWallet password.
Using the KDE Wallet to store ssh keys
First, make sure that you have an SSH agent running.
Install the ksshaskpass package.
Create an autostart file and mark it executable with chmod:
~/.config/autostart-scripts/ssh-add.sh
#!/bin/sh ssh-add </dev/null
You also have to set the SSH_ASKPASS
environment variable in your /etc/profile or ~/.bash_profile:
export SSH_ASKPASS="/usr/bin/ksshaskpass"
It will ask for your password and unlock your SSH keys. Upon restart your SSH keys should be unlocked once you give your kwallet password.
To add a new key and store the password with kwallet use the following command
$ ssh-add /path/to/new/key </dev/null
and append the key to the list of keys in ~/.config/autostart-scripts/ssh-add.sh
as explained above to have it unlocked upon providing the kwallet password.
KDE Wallet for Firefox
There is an addon to make Firefox store passwords with KDE5 Wallet.
KDE Wallet for Chrome and Chromium
Chrome/Chromium has built in wallet integration. To enable it, run Chromium with the --password-store=kwallet
or --password-store=detect
argument. To make the change persistent, see Chromium/Tips and tricks#Making_flags_persistent. (Setting CHROMIUM_USER_FLAGS will not work.)