Differences

This shows you the differences between two versions of the page.

--- linux:security:keyring [2020/05/25 15:20] – [Usage] chuck
+++ linux:security:keyring [2021/11/09 14:57] (current) – chuck
@@ Line 1: / Line 1: @@
 ======Linux Keyring======
-Here's a few tips on using the Linux Keyring.
 ----
+====Tools====
+  * [[linux:security:keyring:secret-tool]]
+  * [[linux:security:keyring:keyring]]
-=====secret-tool=====
+====Keyring Applications====
-Store and retrieve passwords from the keyring.
+  * [[linux:security:keyring:gnome-keyring]]
+  * [[linux:security:keyring:keepassxc-keyring]]
-===Install===
-  * ''%%sudo apt install libsecret-tools%%''
-===Description===
-<WRAP green announcement smaller>
-==From man secret-tool==
-Each password is stored in an item. Items are uniquely identified by a set of attribute keys and values. When
-storing a password you must specify unique pairs of attributes names and values, and when looking up a
-password you provide the same attribute name and value pairs.
-</WRAP>
-  * ''%%--label%%'' = Mainly for GUI programs but can be used to retrieve a given secret.
-  * ''%%{attribute}%%'' = Used by the secret-tool for retrieving or deleting a given secret.
-  * ''%%{value}%%'' = Used by the secret-tool for retrieving or deleting a given secret.
-====Usage====
-===Add an entry===
-<code>secret-tool store --label='My Label' {attribute} {value} {attribute2} {value2} [...]
-Password:
-</code>
-===Get a password===
-<code>
-secret-tool lookup {attribute} {value} {attribute2} {value2} [...]
-P4s$W0rd
-</code>
-===Show entries with simialr key/values===
-<code>
-secret-tool search --all {attribute} {value} {attribute2} {value2} [...]
-[/org/freedesktop/secrets/collection/TestDB/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx]
-label = test2
-secret = P4s$W0rd
-created = 2020-05-08 17:58:08
-modified = 2020-05-08 21:16:04
-schema = (null)
-attribute.Path = /test2
-attribute.Uuid = 04706d96b2404a2f96de02a8a76bf113
-attribute.UserName = chuck
-attribute.URL =
-attribute.Notes =
-attribute.Title = test2
-attribute.Key1 = Value1
-attribute.Key2 = Value2
-</code>
-===Delete an entry===
-<code>
-secret-tool clear {attribute} {value} {attribute2} {value2} [...]
-# Popup from KeePassXC:
-Do you really want to move entry "test2" to the recycle bin?
-                                            <MOVE> <CANCEL>
-</code>
-===Additional search terms===
-Can create values and search them:
-<code>
-secret-tool search --all Title name
-secret-tool search --all UserName name
-secret-tool search --all URL https://www.url.com
-secret-tool search --all Notes value
-secret-tool search --all {attribute} {value} [...]
-</code>
-===Tips===
-  * Set an alias in ~/.bash_aliases:<code>alias get_password1='secret-tool lookup {attribute} {value} {attribute2} {value2}'</code>
-  * Use in docker:<code>
-# "The operator can set any environment variable in the container by using one or more -e flags"
-docker run -it --rm \
-  -e AWS_ACCESS_KEY_ID=$(aws-key-id) \
-  -e AWS_SECRET_ACCESS_KEY=$(aws-key-secret) \
-  local/aws-shell
-</code>
-  * From here: https://www.marian-dan.ro/blog/storing-secrets-using-secret-tool/
 ----
-=====keyring=====
-Python-Keyring command-line utility: https://pypi.org/project/keyring/
-===Install===
-  * ''%%sudo apt install python3-keyring%%''
-===Description===
-<WRAP announcement smaller green>
-==From man keyring==
-**keyring** provides a way to store, lookup and delete passwords in various backends supported by Python-Keyring.
-</WRAP>
-====Usage====
-===Python===
-You can set/get entries from a Python script or from the Python terminal
-==Add an entry==
-<code>
-keyring.set_password("system", "username", "password")
-# Same as above but ask for the password
-keyring.set_password('twitter', 'xkcd', getpass.getpass())
-</code>
-==Get a password==
-<code>keyring.get_password("system", "username")</code>
-===CLI===
-You can set/get entries directly from the command line or from bash scripts, etc.
-    * ''%%keyring --help%%''
-    * ''%%keyring set SERVICE USERNAME%%''
-    * ''%%keyring get SERVICE USERNAME%%''
-    * ''%%keyring del SERVICE USERNAME%%''
-===Details===
-The commands above will set the following attributes on an entry:
-  * For example, running:
-    * ''%%keyring set twitter chuckn246%%''
-  * Will create an entry with the Title:
-    * Password for 'chuckn246' on 'twitter'
-  * Will set these attributes on the entry:
-    * **application**: Python keyring library
-    * **service**: twitter
-    * **username**: chuckn246
-==Small Gotcha==
-  * Note that the attribute username is different than the entry UserName (Note capitalization).<code>
-secret-tool search service twitter
-[/org/freedesktop/secrets/collection/TestDB/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx]
-label = Password for 'chuckn246' on 'twitter'
-secret = twitterpassword
-created = 2020-05-08 22:17:06
-modified = 2020-05-08 22:17:06
-schema = (null)
-attribute.Path = /Password for 'chuckn246' on 'twitter'
-attribute.Uuid = 3174d145b5e74435ab15cf45a5d805cb
-attribute.UserName = chuck
-attribute.service = twitter
-attribute.URL =
-attribute.Notes =
-attribute.application = Python keyring library
-attribute.username = chuckn246
-attribute.Title = Password for 'chuckn246' on 'twitter'
-</code>
-----