Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

kwalletaskpass(1) [debian man page]

KWALLETASKPASS(1)					    BSD General Commands Manual 					 KWALLETASKPASS(1)

NAME

     kwalletaskpass -- kwallet-based pass-phrase dialog for use with OpenSSH

SYNOPSIS

     kwalletaskpass [options] label

DESCRIPTION

     kwalletaskpass is a kwallet- and pinentry-based pass-phrase dialog for use with OpenSSH.  It is intended to be called from the ssh-add(1)
     programme and not invoked directly.

     If a passphrase is requested, kwalletaskpass works by first looking up the passphrase in the KWallet by means of kwalletcli(1); using it if
     found, then calling kwalletcli_getpin(1) to interactively retrieve an answer from the user via pinentry otherwise.  If the user specifies a
     passphrase, kwalletcli_getpin(1) is run again to ask if the passphrase should be stored in the KWallet.  Negative answers will be stored in
     the KWallet to avoid being asked each time.  kwalletaskpass uses the KWallet folders kwalletaskpass and kwalletaskpass-blacklist with match-
     ing entry names.

     If anything other than a key passphrase is requested, it is merely relayed to kwalletcli_getpin(1).  Some requests are known to require a
     boolean answer and are relayed using the boolean query flag; all others are relayed using a PIN query.  ssh(1) accepts either the literal
     word ``yes'' (case-insensitively matched) or an empty answer (both only when using the OK button) as confirmation.

     There are currently no options.

RETURN VALUES

     kwalletaskpass exits 0 on success, 1 if the user cancelled the dialogue, or >1 if an error occured.

ENVIRONMENT

     DISPLAY   The X11 display to use for child processes.  If this is unset or empty, kwalletcli will not be called.

     PINENTRY  The pinentry programme to use.  The default is inherited from kwalletcli_getpin(1).

SEE ALSO

     kwalletcli(1), kwalletcli_getpin(1), ssh-add(1), ssh-askpass(1)

AUTHORS

     kwalletaskpass was written by Thorsten Glaser <tg@mirbsd.org> mostly for tarent GmbH.  The idea came from an askpass.C file found somewhere
     on the 'net, with no author information.  Since it was licenced less freely, this is a rewrite from scratch; modular and with more function-
     ality, too.

BSD
								   April 9, 2011							       BSD

Check Out this Related Man Page

KWALLETCLI(1)						    BSD General Commands Manual 					     KWALLETCLI(1)

NAME

     kwalletcli -- command line interface to the KDE Wallet

SYNOPSIS

     kwalletcli [-q] -hV
     kwalletcli [-q] -f folder -e entry [-P | -p password]

DESCRIPTION

     The kwalletcli utility is a command line interface to KWallet.  It will only work if KDE is running (DCOP) and reachable (via X11).
     kwalletcli can be used to get password entries from the Wallet, or to write them there.

     The options are as follows:

     -e entry	  Define the key (entry) to use when accessing the Wallet.  Mandatory.

     -f folder	  Set the folder to use when accessing the Wallet.  Mandatory.

     -h 	  Display the usage.

     -P 	  Read the password to write from standard input.  Currently limited to 65535 octets.

     -p password  Write password into the designated location in the Wallet.

     -q 	  Be more quiet.  In combination with -V, do not display anything.

     -V 	  Display the kwalletcli version information.

     Default mode of operation, that is, unless -P or -p are used, is to read the password from the Wallet and print it to standard output as-is,
     without any trailing newline.

     All input and output is assumed to be in UTF-8.  The password string (whether read from standard input or command line) is now converted from
     ``possibly UTF-8 but binary transparent'' to standards-conformant UTF-8 for the Qt side, and back upon reading out.

RETURN VALUES

     The kwalletcli utility exits 0 on success or >0 if an error occurred:

     1	  The entry specified cannot be found (read access).

     2	  The usage was shown.

     3	  The Wallet could not be opened.  May be a missing DCOP connection.  Perhaps DISPLAY is not set.

     4	  The folder specified cannot be found (read access).

     5	  The folder specified cannot be opened.

     6	  The value to the key specified could not be retrieved.

     8	  An error occured trying to write the value.

     The exit codes 1 and 4, on reading, are not fatal; they merely indicate that the folder or entry specified does not exist.  The other errors
     are fatal and may be used to indicate the user that the KWallet should not be used any more during the current session.

ENVIRONMENT

     DISPLAY  The X11 display to use for communicating with the KDE Wallet.

SEE ALSO

     kwalletcli_getpin(1)

AUTHORS

     kwalletcli was written by Thorsten Glaser <tg@mirbsd.org> mostly for tarent GmbH.

CAVEATS

     Do not use -p password to store it, unless you absolutely must.  It is a security risk, because the command line invocation is public infor-
     mation in a normal Unix environment.  Use -P instead and provide the password on standard input.

     Beware of trailing newlines, especially outside of mksh(1) scripts!

BUGS

     If DISPLAY is not set, not valid, or kdeinit or kdeinit4 cannot start for other reasons, kwalletcli may not recover gracefully.  In KDE 4
     versions, this may even result in a Segmentation fault.  The author does not know of a way to catch this early; patches are welcome.

     There is no way (yet) to set a wallet other than the default wallet.  While this is a possible enhancement to the kwalletcli CLI, there is no
     feasible way to expose this functionality to the various front-ends, such as pinentry-kwallet(1), anyway, so the priority of fixing this is
     low.

BSD
								   April 9, 2011							       BSD
Man Page