Bug 588080 - need option to throw away key materials after some time
Status: NEW
Alias: None
Product: Fedora
Classification: Fedora
Component: gnome-keyring
Version: rawhide
Hardware: All
OS: Linux
Priority: low
Severity: low
Target Milestone: ---
Assignee: Matthias Clasen
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Keywords: FutureFeature
Depends On:
Blocks:
Reported: 2010-05-02 14:58 UTC by Frank Ch. Eigler
Modified: 2015-03-25 12:28 UTC (History)

Doc Type: Enhancement

External Trackers:
GNOME Bugzilla 617527

Description Frank Ch. Eigler 2010-05-02 14:58:26 UTC
There appears to be no preference available for gnome-keyring-daemon
to have it destroy unlocked key materials such as ssh private keys after a 
certain period of elapsed or idle time.  It would be nice if, like sudo,
such unlocked keys were optionally time-limited.  See ssh-agent -t LIFETIME.

Comment 1 Tomáš Bžatek 2010-05-03 13:54:06 UTC
Filed upstream: https://bugzilla.gnome.org/show_bug.cgi?id=617527

Comment 2 Fedora Admin XMLRPC Client 2013-05-08 22:41:21 UTC
This package has changed ownership in the Fedora Package Database.  Reassigning to the new owner of this component.

Comment 3 Craig Ringer 2015-03-25 07:59:20 UTC
In particular, it really needs a way to clear key material when the machine is suspended.

There's nothing like discovering that GNOME has taken it upon itself to cache your PGP private key in memory while the machine is asleep, so you go to decrypt some sensitive financial information and wham, it just spits it out on the console with no password prompt.

That was the point when I went into "burn it with fire" mode with gnome-keyring. This is a horrendous security bug.

(Worse, if you check the option to remember the key, it's not easy to then *unremember* it later).

To disable GNOME keyring daemon's ssh and gpg support in today's GNOME flavour (3.14):

* Add 'Hidden=true' to the ssh and gpg files for gnome-keyring-daemon in /etc/xdg/autostart/

* Create /etc/X11/xinit/xinitrc.d/ssh-agent.sh containing:

#!/bin/bash
eval `ssh-agent`

* chmod a+x /etc/X11/xinit/xinitrc.d/ssh-agent.sh

* Log out, log in, breathe sigh of relief.

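The procedure in comment 3 and the `ssh-agent -t LIFETIME` the reporter asks for can be combined into one login script. The following is an added example and is not code from this bug report or from gnome-keyring: it hides the keyring's ssh and gpg autostart entries with a per-user override (equivalent to the `Hidden=true` edit of /etc/xdg/autostart above, but without touching system files), starts a stock ssh-agent whose keys expire, and then checks which system autostart entries are still active. It assumes the system entries are named gnome-keyring-ssh.desktop and gnome-keyring-gpg.desktop; the lifetime value and the `apply` argument are choices of this example.

```bash
#!/bin/bash
# Added example for this bug (not code from the report or from gnome-keyring):
# swap the keyring's ssh/gpg agents for a plain ssh-agent whose keys expire,
# as "ssh-agent -t LIFETIME" and the xinitrc.d workaround describe, but done
# per user instead of editing /etc/xdg/autostart.
# ASSUMPTION: the system entries are named gnome-keyring-ssh.desktop and
# gnome-keyring-gpg.desktop.
set -u

# Per the XDG autostart spec, a desktop file of the same name under
# $XDG_CONFIG_HOME/autostart overrides the one in /etc/xdg/autostart, and
# Hidden=true tells the session to treat the entry as if it did not exist.
hide_autostart() {
    local name="$1" dir="${2:-${XDG_CONFIG_HOME:-$HOME/.config}/autostart}"
    mkdir -p "$dir" || return 1
    printf '[Desktop Entry]\nType=Application\nName=%s (disabled by user)\nHidden=true\n' \
        "$name" > "$dir/$name.desktop"
}

# Check step: list entries in a system autostart dir that are still active,
# i.e. lack a per-user override carrying Hidden=true.  Empty output means
# nothing from that directory will be launched at login.
active_autostart() {
    local sysdir="$1" userdir="$2" f name
    for f in "$sysdir"/*.desktop; do
        [ -e "$f" ] || continue
        name=$(basename "$f" .desktop)
        grep -qx 'Hidden=true' "$userdir/$name.desktop" 2>/dev/null || echo "$name"
    done
}

# Start a stock ssh-agent with a default key lifetime.  ssh-agent -t takes
# the sshd_config time format (e.g. 30m, 2h); keys added with ssh-add and no
# -t of their own are dropped when it elapses.  Prints the export lines so
# the caller can eval them, exactly like `eval "$(ssh-agent)"`.
start_expiring_agent() {
    local lifetime="${1:-30m}"
    command -v ssh-agent >/dev/null || { echo "ssh-agent not installed" >&2; return 1; }
    ssh-agent -t "$lifetime"
}

# Invoked as `bash this-script.sh apply` from a login/session script: hide
# the keyring agents and bring up an ssh-agent whose keys expire after 30
# minutes.  The lifetime is the workable substitute for the "clear on
# suspend" that gnome-keyring lacks; `ssh-add -D` before sleeping also works.
if [ "${1:-}" = "apply" ]; then
    hide_autostart gnome-keyring-ssh
    hide_autostart gnome-keyring-gpg
    eval "$(start_expiring_agent 30m)"
    echo "still active from /etc/xdg/autostart:"
    active_autostart /etc/xdg/autostart "${XDG_CONFIG_HOME:-$HOME/.config}/autostart"
fi
```

Run it with `apply` from the session startup script in place of the bare `eval` above, then check that `active_autostart` no longer lists the two keyring entries. With the keyring's gpg component hidden, gpg's own gpg-agent handles passphrase caching, and its cache lifetime is set separately by `default-cache-ttl` in gpg-agent.conf.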
Comment 4 Craig Ringer 2015-03-25 08:12:51 UTC
See also #1205552

Comment 5 Matthias Clasen 2015-03-25 12:28:43 UTC
(In reply to Craig Ringer from comment #3)
 
> * Log out, log in, breathe sigh of relief.

Glad you feel better :-)

In the meantime, I suggest following the upstream bug wrt progress in this area.

