https://bugs.kde.org/show_bug.cgi?id=263174
--- Comment #19 from Alex Dubov <[email protected]> --- By thinking some more, one can notice, that SSO (kerberos, webauthn) has the same problem: user password being unavailable at login time and decryption key(s) coming from elsewhere (central LDAP in kerberos case, secure sensor chip/TPM in the fingerprint case). So there's really no alternative to improving the wallet/secrets auth flow handling in KDE and proper PAM flow is probably the most tangible direction (PAM itself should also be improved some, with proper item keys added to support secure storage and keyring decryption; these are not dissimilar to X11 item keys added in the past). -- You are receiving this mail because: You are watching all bug changes.
