home.social

#kwallet — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #kwallet, aggregated by home.social.

  1. Why is this still an issue on #Element :))

    It's been a thing for mooooonths (or a year?) despite not being an issue before, and I'm not sure if it's to do with Element or
    #KDE/#Kwallet (or something else entirely i.e. #Flatpak). The last time I had an issue relating to Kwallet was with #VSCode and even that required some weird workaround (IIRC, lying that we're using #GNOME 's keychain or smtg like that).

    I've been using
    #NeoChat but I swear Element's the best #Matrix client and I miss having it.

    ---

    edit: omfg, a workaround was found apparently since I last looked into this a ~year ago. Adding
    org.kde.kwalletd6 to its 'Session Bus' list (i.e. through #Flatseal) works! I can happily use Element again!!! 🥳

    🔗 https://github.com/flathub/im.riot.Riot/issues/528#issuecomment-2984156871

  2. Why is this still an issue on #Element :))

    It's been a thing for mooooonths (or a year?) despite not being an issue before, and I'm not sure if it's to do with Element or
    #KDE/#Kwallet (or something else entirely i.e. #Flatpak). The last time I had an issue relating to Kwallet was with #VSCode and even that required some weird workaround (IIRC, lying that we're using #GNOME 's keychain or smtg like that).

    I've been using
    #NeoChat but I swear Element's the best #Matrix client and I miss having it.

    ---

    edit: omfg, a workaround was found apparently since I last looked into this a ~year ago. Adding
    org.kde.kwalletd6 to its 'Session Bus' list (i.e. through #Flatseal) works! I can happily use Element again!!! 🥳

    🔗 https://github.com/flathub/im.riot.Riot/issues/528#issuecomment-2984156871

  3. Why is this still an issue on #Element :))

    It's been a thing for mooooonths (or a year?) despite not being an issue before, and I'm not sure if it's to do with Element or
    #KDE/#Kwallet (or something else entirely i.e. #Flatpak). The last time I had an issue relating to Kwallet was with #VSCode and even that required some weird workaround (IIRC, lying that we're using #GNOME 's keychain or smtg like that).

    I've been using
    #NeoChat but I swear Element's the best #Matrix client and I miss having it.

    ---

    edit: omfg, a workaround was found apparently since I last looked into this a ~year ago. Adding
    org.kde.kwalletd6 to its 'Session Bus' list (i.e. through #Flatseal) works! I can happily use Element again!!! 🥳

    🔗 https://github.com/flathub/im.riot.Riot/issues/528#issuecomment-2984156871

  4. Why is this still an issue on #Element :))

    It's been a thing for mooooonths (or a year?) despite not being an issue before, and I'm not sure if it's to do with Element or
    #KDE/#Kwallet (or something else entirely i.e. #Flatpak). The last time I had an issue relating to Kwallet was with #VSCode and even that required some weird workaround (IIRC, lying that we're using #GNOME 's keychain or smtg like that).

    I've been using
    #NeoChat but I swear Element's the best #Matrix client and I miss having it.

    ---

    edit: omfg, a workaround was found apparently since I last looked into this a ~year ago. Adding
    org.kde.kwalletd6 to its 'Session Bus' list (i.e. through #Flatseal) works! I can happily use Element again!!! 🥳

    🔗 https://github.com/flathub/im.riot.Riot/issues/528#issuecomment-2984156871

  5. Why is this still an issue on #Element :))

    It's been a thing for mooooonths (or a year?) despite not being an issue before, and I'm not sure if it's to do with Element or
    #KDE/#Kwallet (or something else entirely i.e. #Flatpak). The last time I had an issue relating to Kwallet was with #VSCode and even that required some weird workaround (IIRC, lying that we're using #GNOME 's keychain or smtg like that).

    I've been using
    #NeoChat but I swear Element's the best #Matrix client and I miss having it.

    ---

    edit: omfg, a workaround was found apparently since I last looked into this a ~year ago. Adding
    org.kde.kwalletd6 to its 'Session Bus' list (i.e. through #Flatseal) works! I can happily use Element again!!! 🥳

    🔗 https://github.com/flathub/im.riot.Riot/issues/528#issuecomment-2984156871

  6. KDE Plasma rinnova la gestione delle password con oo7 e il protocollo Secret Service per offrire maggiore sicurezza e integrazione. #KWallet #KDE #KDEPlasma #Linux

    linuxeasy.org/kde-plasma-passw

  7. #matrix app options on #kde atm kinda sucks. #element is the best, but it's now among a number of apps that don't (properly) support kde wallet/#kwallet so that's a no for a while now, which is a shame cos it's worked fine before. #nheko has been recommended, and it's pretty nice despite some rough edges, but it is honestly not that hard to come across several bugs that make it unusable. kde's own matrix app (forgot the name #neochat) is pretty rough on the edges too, a bit basic looking, but def a lot less buggy than nheko - it has some bugs of its own tho like 'quote' messages not working properly, at least when the quoted/replied message has a photo (it shows a thumbnail of the correct image, but opening it up shows a totally diff pic - for instance). all in all, ur best option is element's web app, but for a chat app u wish to use daily for a lot, it's kinda jank to always be looking for ur browser window/tab. the element app on other platforms like #ios and #macos just works tho so dats a fallback, if u use those.

  8. @johanneskastl

    Yes, just wanted to drop what I think is the case with #kwallet. Any process can request any data (correct me if I am wrong @kde)

    For encrypted user data at rest, #systemdHomed could work, but I have not seen easy implementations of that.

    #KeepassXC can also act as secret service. But A even #KeepassXCBrowser is kinda janky, and I like to have separate stores depending on the importance.

    (I am one of the people who use Firefoxes pw manager 🫣)

  9. @johanneskastl

    Yes, just wanted to drop what I think is the case with #kwallet. Any process can request any data (correct me if I am wrong @kde)

    For encrypted user data at rest, #systemdHomed could work, but I have not seen easy implementations of that.

    #KeepassXC can also act as secret service. But A even #KeepassXCBrowser is kinda janky, and I like to have separate stores depending on the importance.

    (I am one of the people who use Firefoxes pw manager 🫣)

  10. @johanneskastl

    Yes, just wanted to drop what I think is the case with #kwallet. Any process can request any data (correct me if I am wrong @kde)

    For encrypted user data at rest, #systemdHomed could work, but I have not seen easy implementations of that.

    #KeepassXC can also act as secret service. But A even #KeepassXCBrowser is kinda janky, and I like to have separate stores depending on the importance.

    (I am one of the people who use Firefoxes pw manager 🫣)

  11. @johanneskastl

    Yes, just wanted to drop what I think is the case with #kwallet. Any process can request any data (correct me if I am wrong @kde)

    For encrypted user data at rest, #systemdHomed could work, but I have not seen easy implementations of that.

    #KeepassXC can also act as secret service. But A even #KeepassXCBrowser is kinda janky, and I like to have separate stores depending on the importance.

    (I am one of the people who use Firefoxes pw manager 🫣)

  12. @johanneskastl

    Yes, just wanted to drop what I think is the case with #kwallet. Any process can request any data (correct me if I am wrong @kde)

    For encrypted user data at rest, #systemdHomed could work, but I have not seen easy implementations of that.

    #KeepassXC can also act as secret service. But A even #KeepassXCBrowser is kinda janky, and I like to have separate stores depending on the importance.

    (I am one of the people who use Firefoxes pw manager 🫣)

  13. Dear KDE Plasma Linux users,

    say I have a laptop with a LUKS-encrypted file system.
    Say this is a single user system.

    The user unlocks the device (before or after the bootloader, should not matter in this discussion) with a safe password.

    The user is logged in automatically in KDE Plasma.

    KWallet is set to have an empty password, to not ask the user for a password just to enable WiFi or similar (which is the only thing KWallet is being used for).

    The user still needs to enter the password after locking the screen, suspending the machine or similar.

    Passwords are still in a locked password safe (think KeePassXC or similar), so this requires unlocking with a safe password.

    Does anyone see major security flaws in this setup?

    Due to #EndOf10 I have converted some users to Linux, and having to enter your password multiple times is the only thing they find annoying...

    #Linux #KDE #Plasma #Security #LUKS #Encryption #Fedora #openSUSE #Kinoite #Tumbleweed #Kalpa #KWallet

  14. In regards to my distro transition, there's one thing I've been trying to figure out - and it's got nothing to do with either #Fedora or #CachyOS

    #Flathub is "in the works" still, imho. My biggest buglum bear being secrets keeping and how some #flatpak apps are biased towards using the #GNOME keyring directly instead of relying on any kind of #xdg middleman that handles secrets - i.e #secretsd.

    #KWallet works for what it needs to do, but going from GNOME to #Plasma is going to yield hiccups.

  15. Hmhm, diesmal war es wohl nicht die Schuld von Signal, sondern… *Trommelwirbel* … #KWallet? Der Vivaldi-Browser zeigte beim Start nämlich auch eine Fehlermeldung an, er könne nicht auf den Schlüsselspeicher zugreifen. Daraufhin #KWalletManager gecheckt: Da sind u.a. Vivaldi und Signal drin. Nach einem Systemneustart funktioniert jetzt wider Erwarten Signal Desktop wieder (ohne Neueinrichtung), aber Vivaldi kann seine Schlüssel noch immer nicht freischalten…

    #KDE

  16. Hmhm, diesmal war es wohl nicht die Schuld von Signal, sondern… *Trommelwirbel* … #KWallet? Der Vivaldi-Browser zeigte beim Start nämlich auch eine Fehlermeldung an, er könne nicht auf den Schlüsselspeicher zugreifen. Daraufhin #KWalletManager gecheckt: Da sind u.a. Vivaldi und Signal drin. Nach einem Systemneustart funktioniert jetzt wider Erwarten Signal Desktop wieder (ohne Neueinrichtung), aber Vivaldi kann seine Schlüssel noch immer nicht freischalten…

    #KDE

  17. Hmhm, diesmal war es wohl nicht die Schuld von Signal, sondern… *Trommelwirbel* … #KWallet? Der Vivaldi-Browser zeigte beim Start nämlich auch eine Fehlermeldung an, er könne nicht auf den Schlüsselspeicher zugreifen. Daraufhin #KWalletManager gecheckt: Da sind u.a. Vivaldi und Signal drin. Nach einem Systemneustart funktioniert jetzt wider Erwarten Signal Desktop wieder (ohne Neueinrichtung), aber Vivaldi kann seine Schlüssel noch immer nicht freischalten…

    #KDE

  18. Hmhm, diesmal war es wohl nicht die Schuld von Signal, sondern… *Trommelwirbel* … #KWallet? Der Vivaldi-Browser zeigte beim Start nämlich auch eine Fehlermeldung an, er könne nicht auf den Schlüsselspeicher zugreifen. Daraufhin #KWalletManager gecheckt: Da sind u.a. Vivaldi und Signal drin. Nach einem Systemneustart funktioniert jetzt wider Erwarten Signal Desktop wieder (ohne Neueinrichtung), aber Vivaldi kann seine Schlüssel noch immer nicht freischalten…

    #KDE

  19. Hmhm, diesmal war es wohl nicht die Schuld von Signal, sondern… *Trommelwirbel* … #KWallet? Der Vivaldi-Browser zeigte beim Start nämlich auch eine Fehlermeldung an, er könne nicht auf den Schlüsselspeicher zugreifen. Daraufhin #KWalletManager gecheckt: Da sind u.a. Vivaldi und Signal drin. Nach einem Systemneustart funktioniert jetzt wider Erwarten Signal Desktop wieder (ohne Neueinrichtung), aber Vivaldi kann seine Schlüssel noch immer nicht freischalten…

    #KDE

  20. I've had this error tryna launch the #Element desktop #Flatpak app (#Matrix client) on #Linux ever since one of the #KDE Plasma updates, been a while now and it's still not going away. Are we supposed to wait for something, to have it fixed - or is there something we have to do that can get it fixed? Looks like an #Electron or #kwallet issue. The only workaround for now, is to use their web client.

  21. having some weird issues with kwallet

    not sure what's going on, applications can't access the data they've previously stored inside it

    #KDE #kwallet

  22. Just figured out how to set up #pythonUv to use #kwallet

    need env variables with user name and keyring provider (subprocess), keyring python package installed (pipx) and password set with command:
    keyring set ${API endpoint} ${remote user name}
    provide token when prompted. That's it!

  23. #KDE 's keyring/wallet situation (#kwallet) is always such a mess lol. It was an issue for a long while on #VSCode, it's causing me issues now for #Element (#Matrix). Still tryna figure out what's the problem and how to fix it.

  24. #linuxhint - automatic opening of kde vaults on login
    first step is to make your vault with #gocryptfs for example for ~/Documents. then create an entry in #kwallet by creating a password in your "Passwords"-group (create it too if not present) named "vaultpass" and enter the password you used for ~/Documents. then create a bash script and let it autostart:
    gocryptfs --extpass="kwallet-query -f Passwords -r vaultpass kdewallet" [.enc folder] ~/Documents

    have fun :)

    github.com/rfjakob/gocryptfs/w

  25. #linuxhint - automatic opening of kde vaults on login
    first step is to make your vault with #gocryptfs for example for ~/Documents. then create an entry in #kwallet by creating a password in your "Passwords"-group (create it too if not present) named "vaultpass" and enter the password you used for ~/Documents. then create a bash script and let it autostart:
    gocryptfs --extpass="kwallet-query -f Passwords -r vaultpass kdewallet" [.enc folder] ~/Documents

    have fun :)

    github.com/rfjakob/gocryptfs/w

  26. #linuxhint - automatic opening of kde vaults on login
    first step is to make your vault with #gocryptfs for example for ~/Documents. then create an entry in #kwallet by creating a password in your "Passwords"-group (create it too if not present) named "vaultpass" and enter the password you used for ~/Documents. then create a bash script and let it autostart:
    gocryptfs --extpass="kwallet-query -f Passwords -r vaultpass kdewallet" [.enc folder] ~/Documents

    have fun :)

    github.com/rfjakob/gocryptfs/w

  27. #linuxhint - automatic opening of kde vaults on login
    first step is to make your vault with #gocryptfs for example for ~/Documents. then create an entry in #kwallet by creating a password in your "Passwords"-group (create it too if not present) named "vaultpass" and enter the password you used for ~/Documents. then create a bash script and let it autostart:
    gocryptfs --extpass="kwallet-query -f Passwords -r vaultpass kdewallet" [.enc folder] ~/Documents

    have fun :)

    github.com/rfjakob/gocryptfs/w

  28. Finally figured out a way to achieve this and the solution is simple enough for me.

    The initial guide on my
    #Linux Wiki was on how to make your #KDEPlasma desktop acquire your #SSH and #GPG passphrases graphically and by also utilising your #Kwallet for a seamless experience of storing/reading them to/from it (i.e. like you'd normally get on #macOS with its #Keychain).

    This introduced an unwanted behaviour though whereby it'd still attempt to do that (and fail) even when you have no access to the desktop graphically (i.e. when you're logged into the desktop through a remote SSH connection).

    I've now updated my guide on how to address this - ultimately making your system get these passphrases graphically/from the
    #KDE Wallet when it's able to, otherwise opt to get them from the terminal instead if your user does not currently have access to a graphical session.

    🔗 https://github.com/irfanhakim-as/linux-wiki/blob/master/topics/kwallet.md#setup

    RE:
    https://sakurajima.social/notes/9z8et8kvz3

  29. Why is it so hard to implement a way to smartly determine whether to use a graphical #pinentry (like pinentry-kwallet for #KDE/#Kwallet users) when you're using a desktop graphically, or fallback to a terminal-based pinentry when it should know if you cannot respond to a graphical prompt i.e. when you're in an SSH connection.

    I've been trying to achieve this for so long, in so many different ways and nothing seems to work - nothing not too
    janky to maintain that is. How do you do this on #Linux (specifically #ArchLinux though it shouldn't matter)? This honestly should be the default behaviour cos I couldn't think of a situation where this behaviour I'm expecting isn't the most sensible.

  30. Why is it so hard to implement a way to smartly determine whether to use a graphical #pinentry (like pinentry-kwallet for #KDE/#Kwallet users) when you're using a desktop graphically, or fallback to a terminal-based pinentry when it should know if you cannot respond to a graphical prompt i.e. when you're in an SSH connection.

    I've been trying to achieve this for so long, in so many different ways and nothing seems to work - nothing not too
    janky to maintain that is. How do you do this on #Linux (specifically #ArchLinux though it shouldn't matter)? This honestly should be the default behaviour cos I couldn't think of a situation where this behaviour I'm expecting isn't the most sensible.

  31. Why is it so hard to implement a way to smartly determine whether to use a graphical #pinentry (like pinentry-kwallet for #KDE/#Kwallet users) when you're using a desktop graphically, or fallback to a terminal-based pinentry when it should know if you cannot respond to a graphical prompt i.e. when you're in an SSH connection.

    I've been trying to achieve this for so long, in so many different ways and nothing seems to work - nothing not too
    janky to maintain that is. How do you do this on #Linux (specifically #ArchLinux though it shouldn't matter)? This honestly should be the default behaviour cos I couldn't think of a situation where this behaviour I'm expecting isn't the most sensible.

  32. Why is it so hard to implement a way to smartly determine whether to use a graphical #pinentry (like pinentry-kwallet for #KDE/#Kwallet users) when you're using a desktop graphically, or fallback to a terminal-based pinentry when it should know if you cannot respond to a graphical prompt i.e. when you're in an SSH connection.

    I've been trying to achieve this for so long, in so many different ways and nothing seems to work - nothing not too
    janky to maintain that is. How do you do this on #Linux (specifically #ArchLinux though it shouldn't matter)? This honestly should be the default behaviour cos I couldn't think of a situation where this behaviour I'm expecting isn't the most sensible.

  33. Why is it so hard to implement a way to smartly determine whether to use a graphical #pinentry (like pinentry-kwallet for #KDE/#Kwallet users) when you're using a desktop graphically, or fallback to a terminal-based pinentry when it should know if you cannot respond to a graphical prompt i.e. when you're in an SSH connection.

    I've been trying to achieve this for so long, in so many different ways and nothing seems to work - nothing not too
    janky to maintain that is. How do you do this on #Linux (specifically #ArchLinux though it shouldn't matter)? This honestly should be the default behaviour cos I couldn't think of a situation where this behaviour I'm expecting isn't the most sensible.

  34. I tried a bunch of things at this point so that nested SSH could still work but fucking no so far, which is pretty goddamn annoying.

    I just want so that the system prompts for a(n SSH) passphrase graphically, with the option to save it to the system's wallet (i.e.
    #KWallet) so it can/will be read from that point forward. I've achieved this.

    But I also want so that if I remote into that same system, I could still continue (nested) SSH-ing and have it ask for the passphrase in the terminal
    normally, since, I reckon it cannot access the wallet (graphically) in the SSH session.

    How tf do you achieve this on
    #Linux/#KDEPlasma?

  35. the only #KDE Wallet thing I haven't been able to quite figure out is getting it to work with the secret services like in (#Flatpak) #VSCode.

    In VS Code, I had configured the runtime argument and set this value:

    "password-store": "gnome-libsecret",

    and while that works on my main PC, it's not on my laptop. The difference between the two devices is that, on my primary PC, my wallet isn't secured by a password (bcos my desktop is set to autologin) so I guess that's enough for the wallet to be unlocked/read by VS Code.

    On this laptop, I do secure it with the same password as the user password, and I had disabled desktop autologin so that when I authenticate to get into my desktop - my wallet gets unlocked automatically. Somehow though, VS Code doesn't seem to attempt to use
    #Kwallet and keeps asking me to authenticate manually (to #GitHub, etc.).

    Please help :))

  36. How the hell does one delete a #KDE Wallet... wallet? For some bloody reason searching for this returns only results on how to disable it which isn't what I want - I just wanna delete a wallet I created cos for some bloody reason #KDEPlasma does not seem to have a graphical way of doing that. If I could create it, surely I could delete it, no?

    This also seems like the perfect op to mention about how I will never understand why the fuck KDE Wallet is so complicated and impossible to use, compared to
    #macOS's Keychain or perhaps even #GNOME's from what I can tell based on others also complaining about #Kwallet.

  37. Got it working by unchecking "Git: Use Integrated Ask Pass" in the #VSCode settings. Now it pops up the #kwallet dialog asking for my username for Codeberg.

    #git #VisualStudioCode #programming

  38. Has anyone else had #VSCode not use their #Kwallet credentials and instead opens its own popup to ask for your password? I'm going to try some stuff from the #Arch wiki to see if that works. This is the build from Arch's repos and not the #AUR or the official #Microsoft build.

    #programming #VisualStudioCode #ArchLinux #Linux

  39. Wrote a little #HowToGuide just now, mainly to keep for later dates if I go #DistroHopping again =)

    Letting #KWallet in #KDE #Plasma remember your passphrases for private SSH keys you use on your computer

    axelrafn.org/blog/ssh-keys-in-

  40. The @kde file manager #dolphin and the password manager #kwallet save me sooooo much time every day. Integration is the best feature.

  41. If anybody's encountering this issue on #KDE #PlasmaDesktop (and #Kwallet) with #VSCode, at least the #Flatpak version, there's an "official" workaround to this. Check the linked issue or documentation for the solution.

    🔗 https://github.com/microsoft/vscode/issues/189672

    🔗 https://code.visualstudio.com/docs/editor/settings-sync#_kde

    RE:
    https://firefish.social/notes/9hqdhqbpj4bimd6s

  42. Still getting this #bug, and it's really, really annoying. Pretty sure it's a #VSCode issue at this point somehow not using/recognising #KDE #Kwallet.

    It works perfectly fine before, but seems like VS Code had changed the way they store stuffs in the keyring since v1.80 or something like that. I don't find any Kwallet users reporting this bug though, most of them were other wallet users, especially
    #Gnome's.

    RE:
    https://firefish.social/notes/9hqdhqbpj4bimd6s

  43. I've noticed a bug in #Plasma when running #Wayland I'm not able to run #sshagent so I only need to put my passphrase once in. I always get the passphrase question before each #SSH session But when running in #X11 I get a question as soon as I log in from a #GUI tool (#Kwallet I think) for me to unlock the key and everything works fine.

  44. I've noticed a bug in #Plasma when running #Wayland I'm not able to run #sshagent so I only need to put my passphrase once in. I always get the passphrase question before each #SSH session But when running in #X11 I get a question as soon as I log in from a #GUI tool (#Kwallet I think) for me to unlock the key and everything works fine.

  45. Not sure if this is a #bug with #VSCode (1.80.1) or #Kwallet but I keep getting this keyring error now each time I open a new VS Code session/window. For me to use stuffs that are locked behind an authentication, like #Copilot, it requires me to click the link that authenticates to #GitHub via my browser instead of authenticating itself automatically using the wallet like it did before. Since I clearly use VS Code daily and frequently have a bunch of repos opened at once, this is real annoying.

  46. Дошли руки до #fprint настроить на моем новом ноуте. Оказалось не просто, а очень просто. Теперь открываю локскрин одним прикосновением пальца.

    Два момента. В современной Плазме совсем нестрашно не ставить ввод пароля впереди остальных методов, как советует #archwiki. #Плазма всё равно спросит пароль, если всё остальное не сработает.

    Второй момент, я не стал ставить фпринт в #SDDM, потому что на старте всё равно пароль нужен, чтобы расшифровать #KWallet. Ну а раз пароль всё равно надо вводить, то почему бы и не ввести его в положенном месте.

    А вы какие ещё интересные моменты знаете про сканер пальца на ноутбуках?

  47. Дошли руки до #fprint настроить на моем новом ноуте. Оказалось не просто, а очень просто. Теперь открываю локскрин одним прикосновением пальца.

    Два момента. В современной Плазме совсем нестрашно не ставить ввод пароля впереди остальных методов, как советует #archwiki. #Плазма всё равно спросит пароль, если всё остальное не сработает.

    Второй момент, я не стал ставить фпринт в #SDDM, потому что на старте всё равно пароль нужен, чтобы расшифровать #KWallet. Ну а раз пароль всё равно надо вводить, то почему бы и не ввести его в положенном месте.

    А вы какие ещё интересные моменты знаете про сканер пальца на ноутбуках?