Howto: Get Network Manager to stop asking you for your keyring password
I am by no means an expert on PAM (Pluggable Authentication Module) or pam_keyring so I wanted to start by acknowleging where I got my info:
Mike Petullo - first wrote the pam_keyring module
Jonathan Nettleton - current maintainer of pam_keyring and added code to allow this module to work with the older PAM included with Ubuntu
s31523 and Buell (from these forums) - for posting the topic and comment that helped me get this working.
After I got my wireless working in 6.06 using Network Manager I was very happy, but it would be nice not to have to enter the keyring password after logging in. Luckily, there is a PAM module pam_keyring that will automatically unlock your gnome keyring when you login. You can find pam_keyring and more info here. Pam_keyring is not currently an available package for Ubuntu, but you can get it installed pretty easily on 6.06. For this to work, your login password and your keyring password must be the same. If the two passwords are not the same, there are a few possibilities. (See below)**
Pam_keyring requires the following packages (I think they are installed by default in 6.06):
gnome-keyring >= 0.4.8
gnome-session >= 2.10
pam >= 0.77
Since you will need to compile pam_keyring from source, you will also need some development packages. Here are the additional packages that I needed to install (were not installed by default in 6.06):
build-essential
libtool
libglib2.0-dev
libgnome-keyring-dev
libpam0g-dev
You can install these packages using Synaptic. Then download pam_keyring-0.0.8.tar.gz. Open a terminal window, find the downloaded tarball and do the following at the command line:
Code:
tar -xvvzf pam_keyring-0.0.8.tar.gz
Code:
cd pam_keyring-0.0.8
Code:
./configure --prefix=/usr --libdir=/lib
- hopefully you get no errors here. If you do, most likely you are missing a needed package.
- this should ask you for your password
Now, you will need to edit one file. I use vi, but if you are more comfortable with a graphical editor you can enter the following:
Code:
sudo gedit /etc/pam.d/gdm
add the following two lines to the end of the file:
Code:
auth optional pam_keyring.so try_first_pass
session optional pam_keyring.so
Now you can reboot and it should not ask you for your keyring password to log onto your encrypted wireless network.
Hope this works for everyone.
Kawayanan
** If your login password and your keyring password are not the same, you have to fix this and there are a couple of possible ways. Unfortuantely, there isn't a good way to change your keyring password, and you will need to work around this.
1) Change you login password to match your keyring password
2) You may be able to remove the keyring entirely and create a new one. See this page for info. I haven't tried this, but howfully the next time Network Manager tries to logon to your encrypted wireless network it would ask you for the encryption key again and create a new keyring (use your logon password this time). Someone should post if they do whis to confirm this works.
3) If you are feeling really brave, Jonathan Nettleton (who maintains pam_keyring) has submitted a patch to the gnome-keyring that allows you to change the keyring password. It has not been excepted yet, but he has provided patched cvs downloads that people can test. He has more info and the downloads here. Hopefull in the future, we will all be able to easily change our keyring passwords. Thanks Jonathan Nettleton.
Bookmarks