In the last days, I was working in Tiamat and faced the need to store SSH and Telnet passwords. I don’t even hesitated, one name came to my mind: Gnome Keyring. It’s easy, it’s secure and have Python binding, what was missing?! Know how to use it. Before we start bending, I’d like to discuss a...
In the last post we started introducing how the Gnome Keyring works. I showed how to create a keyring and its items using Seahorse, now I’m going to show how to do it using Python. In order to interact with Gnome Keyring from Python we need python-gnomekeyring installed. Let’s start bending…
In the last post I’ve shown how to create keyrings using python and mentioned a slightly difference from the "seahorse password storing process". Well, it happens that, when we start to dig this difference isn’t so small. Using seahorse every keyring item is created with the "Update if Exists" flag...
Keeping the last subject, today I’ll write a little about the Gnome Keyring security. As presented in the last post, the Gnome Keyring is responsible for storing users sensitive information in encrypted databases called keyrings. I’ve shown how to create an Keyring and store some secrets. But now I...
Following the last line from my preview post, there is a secure flaw in the Gnome Keyring. Hopefully there is a security mechanism that brings us some peace. The Gnome Keyring API (ligbnome-keyring) give us a way to lock an specific keyring using the following methods: set_lock_on_idle and...
Following my last post lines, I’ll show today how we can implement a wrapper class to "control" the Gnome Keyring. This isn’t the most secure way, since we store the keyring password in a variable. But is better then let your keyring open for all other applications. First we need to create a class...
In a couple of posts ago I talked about two ways to solve a Gnome Keyring issue in Python. The fist way (demonstrated here), was to create o simple class that wraps the libgnome-keyring and in each request it lock and unlock the Gnome Keyring. It wasn’t perfect and had some security issues but at...
