2

I'm making a vala application that stores user access credentials in a Gnome Keyring. If no keyring exists for the application, I'd like to create one; however, I would like to create a new keyring. Unfortunately, I don't know how to securely generate a password for the new keyring nor store it someplace so my application can use it later. As it is an open source project, I don't think I should hardcode it into my program and storing it in a hidden conf file would defeat the purpose of using the keyring.

How can I securely generate it and then store it?

weberc2
  • 7,423
  • 4
  • 41
  • 57
  • same dilemma here !! haha 10 years later – ChesuCR Jul 01 '22 at 08:40
  • I think the alternatives are: store the password into a file with just reading and writing permissions for the owner, this is 0600, or the other way to unlock the keyring is to introduce the password manually. A supposed hacker would to log into the root account or your user in order to read the password, and if they can do that then they can do whatever they want in the system or your app – ChesuCR Jul 05 '22 at 10:25
  • So if you need to do it programmatically I'm afraid you only can do the first approach storing the password in a file – ChesuCR Jul 05 '22 at 10:28

0 Answers0