recording and retrieving "secrets" into gpg files
Damien Goutte-Gattat
dgouttegattat at incenp.org
Sun Oct 2 09:52:22 CEST 2016
On 10/02/2016 12:10 AM, Arbiel (gmx) wrote:
> In fact, I wish to record "secrets" in gnome-keyrings, as seahorse does,
> and I am looking for tutorials which explain how to do so with bash
> scripts, which are the only "programs" I am able to write.
Then you might have a look at the secret-tool program (in the
libsecret-tools package), which is a command-line client (so, it should
be scriptable with bash) to the secret service [1].
(The "secret service" is the service responsible for managing the
keyrings. Seahorse is only a client for that service, it does not
manipulate the keyring itself.)
E.g., to store a secret into the default keyring:
$ echo -n "mysecret" | secret-tool store --label="A secret" \
hostname www.example.com
where "mysecret" is the secret to store, "A secret" is the name that
will be displayed in Seahorse, and "hostname www.example.com" is a key
value pair that you can later use to search for this secret.
To retrieve this secret:
$ secret-tool search hostname www.example.com
You will not have to use GnuPG. In fact, as far as I know GnuPG is not
involved anywhere --- the secret service daemon encrypts the keyring
itself, it does not use GnuPG for that.
Hope that helps,
Damien
[1] https://specifications.freedesktop.org/secret-service/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20161002/e654db0d/attachment.sig>
More information about the Gnupg-users
mailing list