This repository has been archived by the owner on Jun 13, 2021. It is now read-only.
forked from mdlavin/firefox-gnome-keyring
-
Notifications
You must be signed in to change notification settings - Fork 2
/
README
106 lines (86 loc) · 4.73 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
A mozilla extension to store passwords and form logins in gnome-keyring
This replaces the default password manager in Firefox and Thunderbird
with an implementation which uses Gnome Keyring. This is a centralised
system-based password manager, which is more simple to handle than
per-application management.
You can find more technical information on bugzilla[1] or on the github
project pages[2].
[1] https://bugzilla.mozilla.org/show_bug.cgi?id=309807
[2] https://github.com/mdlavin/firefox-gnome-keyring
## Usage
You can change the keyring in which passwords are saved by creating or
editing the preference item "extensions.gnome-keyring.keyringName". The
default keyring is "mozilla". This is a per-profile setting, so if you
don't manually change it, all profiles will share the same keyring.
You can backup your passwords easily, separately from the rest of your
mozilla profile. Your keyrings are stored ~/.gnome2/keyrings - even
gnome-keyring 3.2 does this, although this may change in the future.
You can also take advantage of the more fine-tuned keyring management
features of gnome-keyring, such as:
- no need to prompt for password, if you store in the "login" keyring
and the password for that keyring is the same as your login password.
- if the keyring is already open, don't need to prompt for a password
each time you start Firefox or Thunderbird.
- you can explicitly re-lock the keyring when you feel you need to.
- in gnome-keyring 3, you can set policies to automatically re-lock the
keyring after e.g. a certain amount of time, or a certain amount of
time being idle.
- in gnome-keyring 3, the keyring password prompt disables keyboard
input to other windows, so you don't need to worry about accidentally
typing it somewhere you shouldn't
Note: gnome-keyring stores the passwords encrypted on permanent storage
but it keeps unlocked passwords in memory without encryption. As a
result, programs with access to the memory space of gnome-keyring (such
as debuggers and applications running as root) may be able to extract
the passwords. The same applies to the default Firefox and Thunderbird
implementations, so this extension should not be any less secure.
## Migrating old passwords
Currently there is no migration facility. If you have many passwords in
the default password manager, you'll need to manually transfer them
to gnome-keyring:
* create a TEMP profile, and install/enable this extension in it
* in the TEMP profile, edit extensions.gnome-keyring.keyringName to
whatever you eventually want to use
* restart the TEMP profile for setting changes to take effect
* open up the SUBJ profile using "firefox -no-remote -P <SUBJ name>"
so that you have *both* profiles open
* open up the password manager on the SUBJ profile
* for each website list, visit it in the TEMP profile and login again,
which should trigger the "save password" prompt
* In the password manager for Firefox 7+ you can right-click and do
"copy password", which makes this a little easier. For earlier
versions, you'll need to manually type the password. Sorry.
* close the TEMP profile and delete it.
* in the SUBJ profile, install/enable this extension, and edit
extensions.gnome-keyring.keyringName to whatever you chose before
* restart the SUBJ profile for setting changes to take effect
Your old data in the default password manager remains untouched, so you
also need to delete that manually if you want to. This is done by going
to your profile folder, and deleting the key3.db and signons.sqlite
files (signons.txt/signons2.txt for older versions). The old data may
still be forensically retrievable from your disk, but it was encrypted
anyway so it shouldn't matter too much.
Deleting old data will also clear the master password for the default
password manager. If you don't clear it, you'll still be asked for it
when you choose to "show passwords", even if this extension is active.
## Developer information
Build dependencies:
* libgnome-keyring-devel (may be called libgnome-keyring-dev)
* xulrunner-devel (may be called xulrunner-dev)
Tested on:
- Debian wheezy/sid:
- Iceweasel 7.0.1, 8.0, 9.0.1, 10.0 - by infinity0
- Gnome Keyring 2.32, 3.2.2 - by infinity0
- Ubuntu 10.04 with Firefox 3.6.7 by <[email protected]>
- Ubuntu 10.10 with Firefox 3.6.12 and Thunderbird 3.1.6 (see bugs)
- Gentoo Linux with Firefox 3.6.12 and Thunderbird 3.1.6
- Arch Linux
Known Bugs:
- Problems on Ubuntu 8.10 with Thunderbird 3.1.6:
It is necessary to copy libxul.so and libxpcom.so from
/usr/lib/xulrunner-*/ into /usr/lib/thunderbird-*/ folder.
See issue #4. I'd be thankful for any hints why this problem exists,
and its status on different distributions.
- There is no problem on gentoo.
--
#4: https://github.com/mdlavin/firefox-gnome-keyring/issues/#issue/4