How to stop passwords being cached?
ubuntu-users-list at thomas.freit.ag
ubuntu-users-list at thomas.freit.ag
Mon Mar 1 20:29:20 UTC 2021
Hi Karl,
On 01.03.21 14:04, Karl Auer wrote:
> Can anyone tell me how (on Ubuntu 20.04) I can stop passwords and keys
> from being cached? Or (reliably and predictably) set a timeout period
> for how long they are cached?
>
[...]
> Basically I want my ssh and GPG keys to remain passphrase protected
> even if someone happens to get access to my unlocked system or
> compromise my login password.
You could use another tool, that provides an integration of the secrets
API from Freedesktop. I would recommend KeepassXC (https://keepassxc.org/),
which is a very good password safe running on Linux (as well as MacOs and
Windows if necessary). It has a neat browser integration and can serve
secrets via libsecret as well.
Beside the KeepassXC docs, I used https://c3pb.de/blog/keepassxc-secrets-service.html
and https://www.cogitri.dev/posts/03-keepassxc-freedesktop-secret/ for a good
start.
KeepassXC allows you to automatically lock the database on usage timeout, screen idle
or screen lock. Keep in mind, that KeepassXC really stores your passwords, however
you can encrypt the database with state of the art ciphers and a strong password
(additional key file and even hardware token like YubiKey).
hth.
Thomas
More information about the ubuntu-users
mailing list