search

mhogomchungu / zuluCrypt

zuluCrypt is a front end to cryptsetup and tcplay and it allows easy management of encrypted block devices
https://mhogomchungu.github.io/zuluCrypt
Other
496 stars 61 forks source link

How to get password from Gnome keyring zuluCrypt-cli -G ? #181

Closed bitcoin-eagle closed 1 year ago

bitcoin-eagle commented 2 years ago

Hello, I'd need advice how to mount veracrypt volume with password from Gnome keyring using cli. It works in gui. I just don't know what argument pass to to the -G option. ​

sudo zuluCrypt-cli -o -d /dev/nvme0n1p4 -m nvme0n1p4 -G keyring     
ERROR: Could not get a passphrase from the module

Screenshot from 2022-05-14 14-43-06

Thank you

mhogomchungu commented 2 years ago

what version of zuluCrypt are you using?

bitcoin-eagle commented 2 years ago 
Version  : 5.7.1
Copyright: 2011-2020 Francis Banyikwa,mhogomchungu@gmail.com
License  : GPLv2+
mhogomchungu commented 2 years ago

I think it does not work because you are using sudo.

give "zuluCrypt-cli" 4755 permissions to make it work without requiring sudo and try again.

The command to run to give it those permissions are

chmod 4755 /usr/bin/zuluCrypt-cli
bitcoin-eagle commented 2 years ago

I tried that. It didn't help. My main problem is that I don't know the value for -G argument. I made up the -G "keyring" value.

I get the same error even for nonsensical -G "xxx"

zuluCrypt-cli -o -d /dev/nvme0n1p4 -m nvme0n1p4 -G "xxx" ERROR: Could not get a passphrase from the module

mhogomchungu commented 2 years ago

"-G" options takes a name of a program zuluCrypt-cli should call to get a password and zuluCrypt ships with a bunch of these programs and one of them is called "keyring" and this program reads a password from gnome keyring and sends it to zuluCrypt-cli.

These programs are called "zuluCrypt plugins" and you can make one of your own if you want.

I run below command the first time and i got below error and was puzzled.

[ink@localhost ~]$ zuluCrypt-cli -o -d Tmp/volume.img -G keyring
ERROR: Could not get a passphrase from the module

I then force gnome keyring to unlock by going to zuluCrypt-gui and attempted to add a key to gnome keyring.

I tried the command again and it succeeded.

[ink@localhost ~]$ zuluCrypt-cli -o -d Tmp/volume.img -G keyring
SUCCESS: luks volume opened successfully
volume mounted at: /home/ink/volume.img
[ink@localhost ~]$

There is a bug here and keyring plugin should force gnome keyring to unlock when it tries to read a password from it or at least should say it failed to get the password because the keyring is locked.

Are you sure the keyring is unlocked when running your command?