keepassxreboot / keepassxc

KeePassXC is a cross-platform community-driven port of the Windows application “Keepass Password Safe”.
https://keepassxc.org/

Adding the ability to unlock the database requiring yubikey using KeepassXC param and DBUS #9229

Open piorkov opened 1 year ago

piorkov commented 1 year ago

Summary

I really miss the ability to unlock the database in the GUI when a YubiKey is used for encryption. Similar functionality has already been added to the CLI, but it is missing for the GUI and DBUS.

It would be useful to add a YubiKey parameter analogous to the one added to the CLI, as well as a DBUS method that also handles the YubiKey.

Examples

Add param:

    --yubikey <slot[:serial]>    YubiKey slot and optional serial used to access the database (e.g., 1:7370001).

Example:

    keepassxc <db> --pw-stdin --yubikey 1:7370001

Add dbus method:

    <method name="openDatabaseYubiKey">
      <arg name="fileName" type="s" direction="in"/>
      <arg name="pw" type="s" direction="in"/>
      <arg name="yubiKeySlot" type="s" direction="in"/>
    </method>

Context

I would like to use an external tool to unlock the database in the GUI, but as my database uses a YubiKey I can't do it in a simple way. (Yes, I know that the program remembers the YubiKey used previously, but for me it is not enough.)

piorkov commented 1 year ago

Pull request #9251

aitorpazos commented 6 months ago

Hey team, another user here who would love to have this feature available. I see the #9251 conversation revolves around a needed refactoring, but from a user perspective I would love to see this feature being available.

It is blocking me from being able to start up keepassxc on login and make it my default secrets service provider, as there are a bunch of apps that would try to read from that service on startup, and having them fail to do so on startup (as it may take a while for me to open the GUI and unlock the DB) results in a bunch of credential request dialogs and failure messages from those apps.

droidmonkey commented 6 months ago

In all technicality, you should be writing bugs against those software items that don't behave correctly in the absence of an unlocked password store. They should wait patiently for the store to be unlocked and/or offer the user an easy way to retrigger authentication after unlock is done. That is how the secret service specification is written.