KDE Wallet

KDE Wallet Manager is a tool to manage the passwords on your KDE system. By using the KDE wallet subsystem it not only allows you to keep your own secrets but also to access and manage the passwords of every application that integrates with the KDE wallet.

Unlock KDE Wallet automatically on login

If your KDE Wallet password is the same as your username password, you can unlock your wallet automatically on login.

Install the pam_kwallet-gitAUR package.

Then edit /etc/pam.d/kde and add the two lines under their corresponding sections:

auth            optional        pam_kwallet.so kdehome=.kde4
session         optional        pam_kwallet.so
Example /etc/pam.d/kde
#%PAM-1.0
auth            include         system-login
auth            optional        pam_kwallet.so kdehome=.kde4 

account         include         system-login

password        include         system-login

session         include         system-login
session         optional        pam_kwallet.so

After restarting your wallet should unlock automatically if your user password is the same as your Kwallet password and you use a login manager like KDM.

Note: Currently, pam_kwallet-git has at least two limitations: first, it's not compatible with GnuPG keys, so KDE Wallet must use the standard blowfish encryption. Also, the wallet name must be "kdewallet" (that's the default name). If, for some reason, you create a new wallet, you need to use this name (so you will probably need to rename the old wallet too).

Using the KDE Wallet to store ssh keys

First, make sure that you have an SSH agent running. For instructions on how to start and stop ssh-agent on login and logout respectively follow these instructions.

Install the ksshaskpass package.

Note: If you use KDE4 and run into problems due to ksshaskpass connecting to a second instance of kwallet, try installing ksshaskpass4AUR instead.

Create an autostart file (KDE4: ~/.kde4/Autostart/ssh-add.sh, KDE Plasma: ~/.config/autostart/ssh-add.sh) with this content:

#!/bin/sh
ssh-add </dev/null

Tango-emblem-important.png

Tango-emblem-important.png

The factual accuracy of this article or section is disputed.

Reason: "May have a bug" (Discuss in Talk:KDE Wallet#)

KDE Plasma may have a bug where it will not run start up scripts. As a work around, you'll have to create a startup .desktop file ~/.config/autostart/ssh-add.desktop:

[Desktop Entry]
Exec=~/.config/autostart/ssh-add.sh
Icon=system-run
StartupNotify=true
Terminal=false
Type=Application
Tip: The above script will only add the default key ~/.ssh/id_rsa. Assuming you have different SSH keys named key1, key2, key3 in ~/.ssh/, you may add them automatically on login by changing the above script to:
#!/bin/sh
ssh-add $HOME/.ssh/key1 $HOME/.ssh/key2 $HOME/.ssh/key3 </dev/null

Make it executable and run it:

$ chmod +x ~/.kde4/Autostart/ssh-add.sh
$ ~/.kde4/Autostart/ssh-add.sh

You may also have to source the script that sets the SSH_ASKPASS environment variable:

$ eval $(. /etc/profile.d/ksshaskpass.sh)

It will ask for your password and unlock your SSH keys. Upon restart your SSH keys should be unlocked once you give your kwallet password.

To add a new key and store the password with kwallet use the following command

$ ssh-add /path/to/new/key </dev/null

and append the key to the list of keys in ~/.kde4/Autostart/ssh-add.sh as explained above to have it unlocked upon providing the kwallet password.

KDE Wallet for firefox

There is an addon to make firefox store passwords with KDE wallet.

http://kde-apps.org/content/show.php/Firefox+addon+for+kwallet?content=116886

KDE Wallet for chromium

Chromium has built in wallet integration. To enable it, run Chromium with the --password-store=kwallet or --password-store=detect argument.