[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [gcmd-dev] [NEW] Use of GNOME authentication manager for user's secu
From: |
Michael |
Subject: |
Re: [gcmd-dev] [NEW] Use of GNOME authentication manager for user's security credentials |
Date: |
Thu, 25 Oct 2007 01:47:49 +0200 |
User-agent: |
claws-mail.org |
> It's not been developed since 2005 if IIRC.
No that's wrong.
Ok, let's see! *sigh*
"Homepage" <http://svn.gnome.org/viewvc/gnome-keyring/trunk>
The encrypted keyring files are in ~/.gnome2/keyrings/
(what the heck is gnome_private then for ?)
Features:
2003-12-05 Alexander Larsson <address@hidden>
Added sha256 from beecrypt
Use sha256 to get key and iv for aes crypto
Add salt and hash rounds count.
Warning: This changes the file format.
<http://svn.gnome.org/viewvc/gnome-keyring/trunk/doc/file-format.txt?view=log>
No-Swap <http://live.gnome.org/GnomeKeyring/Memory>
Selected NEWS:
Changes in version 2.19.91 are:
* In the PAM module we now support starting gnome-keyring-daemon when
the user's session actually starts, rather than during password validation.
This makes us more solid and sane with GDM and well behaved PAM using
applications. [Chris Rivera]
Changes in version 2.19.6 are:
* Now supports use of keyrings on removable drives.
* PAM module to automatically unlock keyrings on login, or unlocking
* Simplify daemon code (now uses cooperative threading) and get it ready for
other PKCS#11, SSH and other stuff running in same process.
Changes in version 2.19.5 are:
* API Documentation
Changes in version 2.19.4 are:
* Log warning and error messages to syslog when running as a daemon.
Changes in version 2.19.2 are:
* Use libgcrypt instead of hand-rolled encryption algorithms.
Some Changelogs:
=== gnome-keyring 2.20 ===
2007-09-17 Stef Walter <address@hidden>
* NEWS: Release gnome-keyring 2.20
2007-08-19 Stef Walter <address@hidden>
* pam/gkr-pam-module.c: Correctly start the daemon from PAM's
pam_sm_open_session callback rather than the pam_sm_authenticate,
when the 'auto_start' flag is set on the 'session' line.
This makes us more solid and sane with GDM and well behaved PAM
using applications. Fixes bug #467852. Patch from Chris Rivera
2007-08-19 Stef Walter <address@hidden>
* pam/gkr-pam-client.c: stat the socket and check for correct
user before connecting to it from the PAM module, and sending
password there.
Alternatives (there may be more) - just FYI
(1) KeePassX
Homepage <http://keepassx.sourceforge.net/>
It's cross-platform l/w
"The complete database is always encrypted either with AES (alias Rijndael) or
Twofish encryption algorithm using a 256 bit key."
(2) KWallet
KDE 3.2 will include a new subsystem for storing sensitive data such as
passwords, web forms and certificates in strong encryption containers known as
"wallets". This behavior mirrors the behavior of implementations such as
Mozilla's Wallet, Apple's Key Ring, and other similar subsystems. It also
extendes these concepts by implementing generic storage mechanisms and user
interfaces, allowing more complex data to be stored and shared amongst
applications as well as allowing the user to easily manage the stored data and
control which applications may access it. This paper will outline the
architecture of KWallet as well as discuss how and why application developers
should take advantage of what KWallet has to offer. It will include examples of
applications presently using KWallet.
(I think kwallet is part of kdelibs)
... someone should google and see where we would get if someone googled :)
Re: [gcmd-dev] [NEW] Use of GNOME authentication manager for user's security credentials, Stef Walter, 2007/10/26
Re: [gcmd-dev] [NEW] Use of GNOME authentication manager for user's security credentials, Petr Tomasek, 2007/10/23
Re: [gcmd-dev] [NEW] Use of GNOME authentication manager for user's security credentials, Magnus Stålnacke, 2007/10/27