Chuck Nemeth

User Tools

Site Tools

Trace: Linux Keyring
linux:security:keyring

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
linux:security:keyring [2020/05/25 15:21] – [Usage] chucklinux:security:keyring [2021/11/09 14:57] (current) chuck
Line 1: Line 1:
 ======Linux Keyring====== ======Linux Keyring======
-Here's a few tips on using the Linux Keyring. 
  
----- 
- 
-=====secret-tool===== 
-Store and retrieve passwords from the keyring. 
- 
-===Install=== 
- 
-  * ''%%sudo apt install libsecret-tools%%'' 
- 
- 
-===Description=== 
-<WRAP green announcement smaller> 
-==From man secret-tool== 
-Each password is stored in an item. Items are uniquely identified by a set of attribute keys and values. When 
-storing a password you must specify unique pairs of attributes names and values, and when looking up a  
-password you provide the same attribute name and value pairs. 
-</WRAP> 
-  * ''%%--label%%'' = Mainly for GUI programs but can be used to retrieve a given secret. 
-  * ''%%{attribute}%%'' = Used by the secret-tool for retrieving or deleting a given secret. 
-  * ''%%{value}%%'' = Used by the secret-tool for retrieving or deleting a given secret. 
- 
-====Usage==== 
-===Add an entry=== 
-<code>secret-tool store --label='My Label' {attribute} {value} {attribute2} {value2} [...] 
-Password: 
-</code> 
- 
-===Get a password=== 
-<code> 
-secret-tool lookup {attribute} {value} {attribute2} {value2} [...] 
-P4s$W0rd 
-</code> 
-===Show entries with simialr key/values=== 
-<code> 
-secret-tool search --all {attribute} {value} {attribute2} {value2} [...] 
-[/org/freedesktop/secrets/collection/TestDB/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx] 
-label = test2 
-secret = P4s$W0rd 
-created = 2020-05-08 17:58:08 
-modified = 2020-05-08 21:16:04 
-schema = (null) 
-attribute.Path = /test2 
-attribute.Uuid = 04706d96b2404a2f96de02a8a76bf113 
-attribute.UserName = chuck 
-attribute.URL =  
-attribute.Notes =  
-attribute.Title = test2 
-attribute.Key1 = Value1 
-attribute.Key2 = Value2 
-</code> 
-===Delete an entry=== 
-<code> 
-secret-tool clear {attribute} {value} {attribute2} {value2} [...] 
-# Popup from KeePassXC:  
-Do you really want to move entry "test2" to the recycle bin? 
-                                            <MOVE> <CANCEL> 
-</code> 
- 
-===Additional search terms=== 
-Can create values and search them: 
-<code> 
-secret-tool search --all Title name 
-secret-tool search --all UserName name 
-secret-tool search --all URL https://www.url.com 
-secret-tool search --all Notes value 
-secret-tool search --all {attribute} {value} [...] 
-</code> 
- 
- 
-===Tips=== 
-  * Set an alias in ~/.bash_aliases:<code>alias get_password1='secret-tool lookup {attribute} {value} {attribute2} {value2}'</code> 
-  * Use in docker:<code> 
-# "The operator can set any environment variable in the container by using one or more -e flags" 
-docker run -it --rm \ 
-  -e AWS_ACCESS_KEY_ID=$(aws-key-id) \ 
-  -e AWS_SECRET_ACCESS_KEY=$(aws-key-secret) \ 
-  local/aws-shell 
-</code> 
-  * From here: https://www.marian-dan.ro/blog/storing-secrets-using-secret-tool/ 
  
 ---- ----
 +====Tools====
 +  * [[linux:security:keyring:secret-tool]]
 +  * [[linux:security:keyring:keyring]]
  
-=====keyring===== +====Keyring Applications==== 
-Python-Keyring command-line utilityhttps://pypi.org/project/keyring+  * [[linux:security:keyring:gnome-keyring]] 
- +  [[linux:security:keyring:keepassxc-keyring]]
-===Install=== +
-  * ''%%sudo apt install python3-keyring%%'' +
- +
-===Description=== +
-<WRAP announcement smaller green> +
-==From man keyring== +
-**keyring** provides a way to store, lookup and delete passwords in various backends supported by Python-Keyring. +
-</WRAP>+
  
 ---- ----
-====Usage==== 
-===Python=== 
-You can set/get entries from a Python script or from the Python terminal 
  
-==Add an entry== 
-<code> 
-keyring.set_password("system", "username", "password") 
- 
-# Same as above but ask for the password 
-keyring.set_password('twitter', 'xkcd', getpass.getpass()) 
-</code> 
- 
-==Get a password== 
-<code>keyring.get_password("system", "username")</code> 
- 
- 
-===CLI=== 
-You can set/get entries directly from the command line or from bash scripts, etc. 
-    * ''%%keyring --help%%'' 
-    * ''%%keyring set SERVICE USERNAME%%'' 
-    * ''%%keyring get SERVICE USERNAME%%'' 
-    * ''%%keyring del SERVICE USERNAME%%'' 
- 
----- 
- 
-===Details=== 
-The commands above will set the following attributes on an entry: 
-  * For example, running:  
-    * ''%%keyring set twitter chuckn246%%'' 
-  * Will create an entry with the Title: 
-    * Password for 'chuckn246' on 'twitter' 
-  * Will set these attributes on the entry: 
-    * **application**: Python keyring library 
-    * **service**: twitter 
-    * **username**: chuckn246 
- 
-==Small Gotcha== 
-  * Note that the attribute username is different than the entry UserName (Note capitalization).<code> 
-secret-tool search service twitter 
-[/org/freedesktop/secrets/collection/TestDB/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx] 
-label = Password for 'chuckn246' on 'twitter' 
-secret = twitterpassword 
-created = 2020-05-08 22:17:06 
-modified = 2020-05-08 22:17:06 
-schema = (null) 
-attribute.Path = /Password for 'chuckn246' on 'twitter' 
-attribute.Uuid = 3174d145b5e74435ab15cf45a5d805cb 
-attribute.UserName = chuck 
-attribute.service = twitter 
-attribute.URL =  
-attribute.Notes =  
-attribute.application = Python keyring library 
-attribute.username = chuckn246 
-attribute.Title = Password for 'chuckn246' on 'twitter' 
-</code> 
- 
----- 
  
linux/security/keyring.1590420060.txt.gz · Last modified: by chuck