On Mon, 8 Jan 2007, H.S. wrote:
David Jansen wrote:
Is it possible (and how!) to change the passphrase of an existing
keyring in the gnome-keyring. The reason I want to do this: pam_keyring
can unlock the keyring if the passwords are identical, and I wanted to
start the new year with a frssh, secure new password.
However, I cannot find the option to change the passphrase anywhere in
gnome, gnome-keyring-manager, gconf etc (FC6 i386 system)
David Jansen
It did this once by deleting the keyring. It asked me for a password again
next time I logged in and I gave it the new password. Here's how I did this:
1. Delete the directory ~/.gnome2/keyrings
2. Logout of gnome session (or any other session)
3. Delete .gconf* files/directories from /tmp. I just deleted everything I
owned in tmp (note that you need to delete the hidden directories as well).
Next time you login, you will be asked for the keyring passphrase again when
it is needed.
Of course, you lose the contents of your old keyring that way. You can do
something like the following, but it's a bit of a pain:
- Create a new keyring with the login password.
- Rename the keyrings by hand so the new one is the default.
- Use the keyring manager to cut and paste keys from the old ring to the
new one.
The fact that changing keyring passwords is such a pain is an impediment
to implementing secure password management policies. The keyring password
patch should be included in GNOME.
GL,
->HS
--
Matthew Saltzman
Clemson University Math Sciences
mjs AT clemson DOT edu
http://www.math.clemson.edu/~mjs
