Intro to Gnome Keyring Keyrings

GNOME Keyring has components which enable applications to store passwords and other sensitive data in a standardized way across.

GNOME Keyring uses the standard cross desktop "Secret Service" DBus API to communicate with applications. A helper library called libgnome-keyring is also available which provides a C API to access the passwords.

A keyring stores a collection of encrypted passwords and encrypted information about those passwords. A user can have multiple keyrings, each for a different use, but there is a default one, called 'login'. There is also a special 'session' keyring which is not stored on disk and goes away when you log out.

When a user logs into GNOME, the keyrings are locked and a master keyring password has to be provided in order to unlock each of them. A keyring can be configured to be locked automatically after a period of inactivity.

The data inside a keyring is stored in "items". Each item has a name, such as "university proxy password" or "example.org SSH private key password", a secret, and an unlimited list of attributes. Each attribute consists of a name-value pair that is intended to serve as a hint for the applications (e.g., "user=fer", or "server=example.org"). This enables applications to find the relevant item in the keyring. All strings are UTF-8.

API Docs

Projects/GnomeKeyring/KeyringIntro (last edited 2013-11-26 20:21:42 by WilliamJonMcCann)