recording and retrieving "secrets" into gpg files

Arbiel (gmx) arbiel.perlacremaz at gmx.fr
Mon Oct 3 16:28:07 CEST 2016


Hi Damien

It's exactly what I was looking for.

Thank you a lot.

Arbiel

Le 02/10/2016 à 09:52, Damien Goutte-Gattat a écrit :
> On 10/02/2016 12:10 AM, Arbiel (gmx) wrote:
>> In fact, I wish to record "secrets" in gnome-keyrings, as seahorse does,
>> and I am looking for tutorials which explain how to do so with bash
>> scripts, which are the only "programs" I am able to write.
> 
> Then you might have a look at the secret-tool program (in the
> libsecret-tools package), which is a command-line client (so, it should
> be scriptable with bash) to the secret service [1].
> 
> (The "secret service" is the service responsible for managing the
> keyrings. Seahorse is only a client for that service, it does not
> manipulate the keyring itself.)
> 
> E.g., to store a secret into the default keyring:
> 
>   $ echo -n "mysecret" | secret-tool store --label="A secret" \
>     hostname www.example.com
> 
> where "mysecret" is the secret to store, "A secret" is the name that
> will be displayed in Seahorse, and "hostname www.example.com" is a key
> value pair that you can later use to search for this secret.
> 
> To retrieve this secret:
> 
>   $ secret-tool search hostname www.example.com
> 
> You will not have to use GnuPG. In fact, as far as I know GnuPG is not
> involved anywhere --- the secret service daemon encrypts the keyring
> itself, it does not use GnuPG for that.
> 
> Hope that helps,
> 
> Damien
> 
> 
> [1] https://specifications.freedesktop.org/secret-service/
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 230 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20161003/cf24f9f1/attachment.sig>


More information about the Gnupg-users mailing list