|

Possible conceptual problem between VINO and Gnome-keyring

View: New views

6 Messages — Rating Filter: Alert me

	Possible conceptual problem between VINO and Gnome-keyring by Tiago "Salvador" Souza :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello everyone, I do not know if anyone else noticed this "problem" per see, but it seems to me that the way the Vino uses gnome-keyring to store its passwords might be a little problematic. Imagine the following scenario: 1 - Turn on the Machine 2 - Log on to Gnome and "leave" to another location 3 - Go to another computer and try to login to the machine remotely This fails, because gnome-keyring will prompt for the user to unlock the keyring before allowing vino to access the password, thus making you unable to login. I believe this only happens if you set a password to protect the remote desktop access, but if interaction from the local user was needed, one could just mark the checkbox that asks for authorization from the user before passing the control to vino. In this situation, what would be the "problem"? The way vino handles the passwords or the keyring? If the second, maybe an option to have a secondary "open" keyring that is opened as soon as you login to the machine? Best wishes Tiago "Salvador" Souza -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkmQK9QACgkQcpvZv1VuUs37LgCgpyafjWJvlCm0ysA6K8V6lp7F NKAAoLb67TI9EwAD9ewen6idE7nmec3G =JB2j -----END PGP SIGNATURE----- _______________________________________________ gnome-devel-list mailing list gnome-devel-list@... http://mail.gnome.org/mailman/listinfo/gnome-devel-list
	Re: Possible conceptual problem between VINO and Gnome-keyring by Wouter Bolsterlee-3 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message 2009-02-09 klockan 14:12 skrev Tiago Salvador Souza: > This fails, because gnome-keyring will prompt for the user to unlock the > keyring before allowing vino to access the password, thus making you > unable to login. My default keyring is unlocked upon login by libpam-keyring. — Wouter _______________________________________________ gnome-devel-list mailing list gnome-devel-list@... http://mail.gnome.org/mailman/listinfo/gnome-devel-list signature.asc (253 bytes) Download Attachment
	Re: Possible conceptual problem between VINO and Gnome-keyring by Tiago "Salvador" Souza :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Wouter Bolsterlee wrote: > 2009-02-09 klockan 14:12 skrev Tiago Salvador Souza: >> This fails, because gnome-keyring will prompt for the user to unlock the >> keyring before allowing vino to access the password, thus making you >> unable to login. > > My default keyring is unlocked upon login by libpam-keyring. > > ? Wouter Hmm, that would make sense, thanks Wouter. So if you are not using PAM you pretty much will have to deal with that correct? Best Wishes Tiago A Souza -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkmQXZsACgkQcpvZv1VuUs3zsACg1KyBfpwpC2aiXc0N+zLmSywQ MicAnivaFRwldMaLepEAbU6ZGndAHY0P =Vg9c -----END PGP SIGNATURE----- _______________________________________________ gnome-devel-list mailing list gnome-devel-list@... http://mail.gnome.org/mailman/listinfo/gnome-devel-list
	Re: Possible conceptual problem between VINO and Gnome-keyring by Xavier Bestel :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message On Mon, 2009-02-09 at 14:45 -0200, Tiago "Salvador" Souza wrote: > Wouter Bolsterlee wrote: > > 2009-02-09 klockan 14:12 skrev Tiago Salvador Souza: > >> This fails, because gnome-keyring will prompt for the user to unlock the > >> keyring before allowing vino to access the password, thus making you > >> unable to login. > > > > My default keyring is unlocked upon login by libpam-keyring. > > > > ? Wouter > > Hmm, that would make sense, thanks Wouter. So if you are not using PAM > you pretty much will have to deal with that correct? Or maybe Vino should try to access the keyring right at startup, so that if the keyring is still locked the dialog pops when the user is there. Xav _______________________________________________ gnome-devel-list mailing list gnome-devel-list@... http://mail.gnome.org/mailman/listinfo/gnome-devel-list
	Re: Possible conceptual problem between VINO and Gnome-keyring by Tiago "Salvador" Souza :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Xavier Bestel wrote: > On Mon, 2009-02-09 at 14:45 -0200, Tiago "Salvador" Souza wrote: >> Wouter Bolsterlee wrote: >>> 2009-02-09 klockan 14:12 skrev Tiago Salvador Souza: >>>> This fails, because gnome-keyring will prompt for the user to unlock the >>>> keyring before allowing vino to access the password, thus making you >>>> unable to login. >>> My default keyring is unlocked upon login by libpam-keyring. >>> >>> ? Wouter >> Hmm, that would make sense, thanks Wouter. So if you are not using PAM >> you pretty much will have to deal with that correct? > > Or maybe Vino should try to access the keyring right at startup, so that > if the keyring is still locked the dialog pops when the user is there. > > Xav > > That would work well for non pam aware systems. I noticed that eventually it tries to access the keyring, but it is after a good while from login -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkmQajMACgkQcpvZv1VuUs2XvgCgsZFWWMzgwl1ffGubZB1OUB2a TsYAmwf3dfVso40LoUw62mPSCdtv2Jap =1cQQ -----END PGP SIGNATURE----- _______________________________________________ gnome-devel-list mailing list gnome-devel-list@... http://mail.gnome.org/mailman/listinfo/gnome-devel-list
	Re: Possible conceptual problem between VINO and Gnome-keyring by Tiago "Salvador" Souza :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Xavier Bestel wrote: > On Mon, 2009-02-09 at 14:45 -0200, Tiago "Salvador" Souza wrote: >> Wouter Bolsterlee wrote: >>> 2009-02-09 klockan 14:12 skrev Tiago Salvador Souza: >>>> This fails, because gnome-keyring will prompt for the user to unlock the >>>> keyring before allowing vino to access the password, thus making you >>>> unable to login. >>> My default keyring is unlocked upon login by libpam-keyring. >>> >>> ? Wouter >> Hmm, that would make sense, thanks Wouter. So if you are not using PAM >> you pretty much will have to deal with that correct? > > Or maybe Vino should try to access the keyring right at startup, so that > if the keyring is still locked the dialog pops when the user is there. > > Xav > > I think that's an interesting suggestion! It eventually tries to unlock the keyring, but after a while after you logged on Best Wishes Tiago "Salvador" Souza -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkmQvMMACgkQcpvZv1VuUs1mTwCePf/UA7Ak7guOXAyweW8oq/z1 Y68AnjN1xRapjBzL06C+2u1N5BXLB9fy =MsBu -----END PGP SIGNATURE----- _______________________________________________ gnome-devel-list mailing list gnome-devel-list@... http://mail.gnome.org/mailman/listinfo/gnome-devel-list