Open a-xin opened 5 years ago
Hey, thank you for reaching out to us.
Android secret store is not available in termux. One workaround would be to try to run Keybase service with KEYBASE_SECRET_STORE_FILE=1
environment variable set. This will force it to use file-based secret store. Be advised that it's only as secure as your Termux home dir is, where Keybase device secrets will be stored when this flag is used.
Hi @zapu, thanks for your explanations! I gave that a try but didn't get any further.
export KEYBASE_SECRET_STORE_FILE=1
to .bashrc
echo $KEYBASE_SECRET_STORE_FILE
keybase service
keybase login
in a parallel tab
⇨ it exits with the same error as aboveActually, no matter if I do or don't set the env variable, keybase -debug -debug login
errors with the message:
secret_store_external:getGlobalExternalKeyStore called, but externalKeyStore is nil
.
Do I somehow also need to set (or create) a secret store file first?
Not sure if this helps, but checking logcat
in a parallel tab showed this error:
W keybase : type=1400 audit(0.0:42337): avc: denied { read } for name="/" dev="tmpfs" ino=15397 scontext=u:r:untrusted_app:s0:c249,c256,c512,c768 tcontext=u:object_r:device:s0 tclass=dir permissive=0
OK maybe this doesn't work the - I was told otherwise. I'm not a termux user but I will install it and try to figure it out. Thanks!
@a-xin I've been made aware that the change to enable KEYBASE_SECRET_STORE_FILE
on all platforms might not have been released yet. Can one build Keybase client from go source in termux and launch that?
@zapu Awesome - that solved it - thank you so much!
With keybase 3.3.0 (current master) I was able to login on Android 9.
My steps (for anyone else struggling with this):
KEYBASE_SECRET_STORE_FILE=1
before you run keybase service
(e.g. by adding export KEYBASE_SECRET_STORE_FILE=1
to your .bashrc
and opening a new session or sourcing it)keybase service
in one sessionkeybase login
in a parallel sessionsAmazing, thank you for trying this out. The new release should be out soon so running on Termux should become easier.
It probably makes sense to update that tutorial, the kbfs
package has moved inside of keybase/client
I have packaged up the keybase 4.0.0 client for termux. However, anyone have a suggestion on how to make it so users don't need to set this environment variable? Can I fix this at build time w/o a patch? https://github.com/termux/termux-packages/pull/3791
The updated keybase package at version 4.0.0-2
is now available for installation - update to it with pkg up
!
Note that this version has been patched so that KEYBASE_SECRET_STORE_FILE
defaults to true.
I get this message from a fresh Keybase app install (from Playstore) on Android 9 after typing in my username. Any hints what I could do to get past this?
With keybase 4.7.2-1, I managed to log in and register the device without running keybase service
.
But thanks for the tip, because with the keybase service running, using Git repositories works!
Hi, I'm not able to login to keybase via the cli on Android 9 using termux. Looks like others are having the same issue.
Is there a configuration I am missing?
Steps
pkg install keybase
keybase service
keybase login
⇨ cli exits with
ERROR Secret store not functional: error while storing secret: no external key store available
Versions