Who uses Blowfish for KWallet, as it's the default option?

I have been using Linux for a few years and have only just now changed my KWallet store to GPG encrypted.

Why? Because there is no preinstalled GPG program, most people don't use it (apart from mail, and that is sadly very rare), and there is no keypair generated when creating the user account.

A simple:

gpg --quick-generate-key "$USER" rsa4096 &&\
echo "y" | gpg --sign-key "$USER"

would be enough at startup. I think for Plasma 6 this should be implemented, so that KWallet can use GPG by default, using a GPG keypair with the username and the keystore named “kdewallet” by default.

Would there be any problems with such an implementation? And where would this be implemented so that every distro will use it by default?

Also, do you know if there is a good option to convert a Blowfish wallet to GPG?

Cheers!

3 Likes

Weird, I created a GPG keypair but in kwalletmanager it doesn't show up.

I see that the certificate needs to have some trust level or be verified. I did that using another PGP key (which makes little sense as this one is unverified then, or locally generated?) and still the key is not showing up.

The “kleopatra” key I created for verifying etc. shows up as an option, but it uses a different password, so it makes no sense for KWallet, as it can't unlock the wallet.

The Arch Wiki entry explained the problems. That was the reason why I never switched.

It only works if:

  • Blowfish
  • named kdewallet
  • not with fingerprint etc.

I think fingerprint is fixed in Plasma 6? Not sure about the rest, but an encrypted password storage doesn't really seem important if it's always open and with LUKS or systemd-homed.


Edit: I also broke auto-unlock, even though the requirements were met, as Plasma for some reason now creates a wallet named “Default keychain” and created an empty one. Going to System Settings and setting my old one as default fixed it again…

IMHO there’s not much value in further strengthening KWallet’s encryption. An attacker doesn’t need to decrypt the storage at all. It just adds itself to the “Auto Allow” list in ~/.config/kwalletrc and uses the API to read everything:

Until this is fixed, you may as well use a plaintext store.

1 Like

KWallet is one of the first things to get turned off.

1 Like

I see what you mean –

 > cat .config/kwalletrc 
[Auto Allow]
kdewallet=kiod5,drkonqi,kwalletmanager5,okular,kwallet-query,kded5,akonadiconsole,kmail2,korganizer,kontact,akonadi_maildispatcher_agent,akonadi_imap_resource_0,accountwizard,akonadi_imap_resource_1,akonadi_imap_resource_2,akonadi_imap_resource_3,akonadi_imap_resource_4,akonadi_imap_resource_5,akonadi_imap_resource_6,mailtransports,akonadi_imap_resource_7,akonadi_imap_resource_8,imap,akonadi_imap_resource_9,Chromium

[Auto Deny]
kdewallet=

[Migration]
alreadyMigrated=true

[Wallet]
Close When Idle=false
Close on Screensaver=false
Default Wallet=kdewallet
Enabled=true
First Use=false
Idle Timeout=10
Launch Manager=true
Leave Manager Open=false
Leave Open=true
Prompt on Open=true
Use One Wallet=true

[org.freedesktop.secrets]
apiEnabled=true
 >

But, if an attacker can access and modify the files in ‘~/.config/’ then, everything in your user directory is very broken, compromised, and, in general, open to the world.

And, the default protection on a user’s configuration directory is exactly that which is specified in ‘/etc/skel/’ –

 > l -d /etc/skel/.config
drwx------ 2 root root 4096 15. Mär 2022  /etc/skel/.config/
 >

And, the default protections on a user’s KWallet configuration files are –

 > l .config/*wall*
-rw------- 1 xxx users   52 20. Aug 2022  .config/kwalletd5.notifyrc
-rw------- 1 xxx users 1018  7. Jan 12:25 .config/kwalletmanager5rc
-rw------- 1 xxx users  764 29. Dez 10:09 .config/kwalletrc
 >

Ditto, the KWallet session files which used to be placed in ‘~/.config/session/’.


So, a given user has been compromised – their user data (including e-Mail and WLAN access points) is accessible to the attacker –

  • If, you want to prevent the attacker from accessing additional passwords then, you’ll need an additional Wallet with a different password to the user’s login password – which is what KWallet offers anyway …
1 Like
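The two posts above (the “Auto Allow” attack and the kwalletrc dump) suggest the one cheap check a defender actually has: diff the auto-allow list against a known-good baseline and confirm the file is still 0600. The script below is an added example written for this thread; it is not code from any poster or from KWallet. It assumes only a POSIX sh with awk, sed and ls, parses the KDE ini layout shown in the dump, and uses a constructed kwalletrc with one made-up application id (“totally-legit-updater”) as input.

```sh
#!/bin/sh
# Added example for this thread, not part of any post or of KWallet itself:
# audit a kwalletrc the way a defender would after reading the posts above.
# An attacker who can write ~/.config does not need to break the cipher: it
# appends its own application id to the [Auto Allow] list and reads the open
# wallet through the kwalletd API. The cheap countermeasure is to notice when
# that list (or the file's mode) changes. Requires only sh, awk, sed, ls.

# Print the value of KEY in [SECTION] of FILE (KDE ini style); empty if absent.
kwalletrc_value() {
    awk -v section="[$2]" -v key="$3" '
        /^\[/ { insect = ($0 == section); next }
        insect && index($0, key "=") == 1 { print substr($0, length(key) + 2) }
    ' "$1"
}

# List the application ids auto-allowed for WALLET in FILE, one per line.
auto_allow_apps() {
    kwalletrc_value "$1" "Auto Allow" "$2" | tr ',' '\n' | sed '/^$/d'
}

# Print every auto-allowed id for WALLET in FILE that is not in BASELINE
# (a space-separated list). Exit status 1 if any such id was found.
# Usage: unexpected_auto_allow FILE WALLET "id1 id2 ..."
unexpected_auto_allow() {
    found=0
    for app in $(auto_allow_apps "$1" "$2"); do
        case " $3 " in
            *" $app "*) ;;
            *) echo "$app"; found=1 ;;
        esac
    done
    return $found
}

# Mode string of FILE as ls shows it; kwalletrc should be -rw------- (0600).
perm_string() {
    ls -ld "$1" | cut -c1-10
}

# --- constructed demo input (not a real user's file) ---
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
demo_rc="$demo_dir/kwalletrc"
cat > "$demo_rc" <<'EOF'
[Auto Allow]
kdewallet=kiod5,drkonqi,kwalletmanager5,kded5,kmail2,totally-legit-updater

[Auto Deny]
kdewallet=

[Wallet]
Default Wallet=kdewallet
Leave Open=true
EOF
chmod 600 "$demo_rc"

# Baseline taken from a known-clean kwalletrc (here: the KDE client ids,
# without the made-up last entry).
baseline="kiod5 drkonqi kwalletmanager5 kded5 kmail2"

echo "default wallet: $(kwalletrc_value "$demo_rc" Wallet "Default Wallet")"
echo "mode: $(perm_string "$demo_rc")"
if unexpected_auto_allow "$demo_rc" kdewallet "$baseline"; then
    echo "Auto Allow list matches baseline"
else
    echo "WARNING: the ids above are auto-allowed but not in the baseline"
fi
```

On a real system point it at ~/.config/kwalletrc and keep the baseline somewhere the desktop session cannot write (root-owned, or outside the home). It only detects the change after the fact; as the thread says, anything already on the list can read the wallet while it is open.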

Every non-sandboxed app I run can write to that directory. Yes, security on Linux desktop is very broken, unless you go full Flatpak.

Doesn’t improve anything. Whatever password you choose, you have to open that wallet at some point; then I, being on the ‘Auto Allow’ list, just try reading passwords every minute until that moment.

1 Like

This behaviour is standard UNIX® – everything any given user executes can read or write from and to everything where the given user has I/O read or write permissions …

If you’re really worried about this standard behaviour then, you could take a look at either AppArmor (application fire-walling) or, SELinux.

Provided that, either AppArmor or, a SELinux policy, allowed an undefined executable process to write to the KWallet configuration file …

Security on desktops is broken in general.

I don’t remember Blowfish being the default. I could have sworn every time I get that first KWallet popup it has GPG by default and I have to set it to Blowfish every time.

Currently, on openSUSE Leap 15.5, when a KDE Plasma user first logs in to an empty home directory – empty in the sense of, the only directory content is that which is defined in ‘/etc/skel/’ – a new, empty Wallet named “kdewallet” is automatically created with a password which is the given user’s login password …

  • And, that Wallet is automatically opened when the user logs in …

How can one determine the encryption of the Wallet file automatically created in ‘~/.local/share/kwalletd/’ ?

 > file .local/share/kwalletd/kdewallet.kwl 
.local/share/kwalletd/kdewallet.kwl: data
 >
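Since `file` only says “data”, the cipher has to be read from the wallet header itself. The script below is an added example for this thread, not code from any poster or from KWallet. It assumes the header layout from KWallet's backend source as I read it (12-byte magic, then major version, minor version, cipher id, hash id as single bytes) and the id-to-name tables from the same source; check both against the KWallet version you run before trusting the output. The sample files are constructed headers with no wallet data behind them.

```sh
#!/bin/sh
# Added example for this thread, not part of any post or of KWallet itself:
# answer "which cipher is this .kwl using?" by reading the file header, since
# `file` has no magic entry for it. Layout as in KWallet's backend source
# (kwalletbackend.cc), which you should check against the version you run:
#   bytes 0-11  magic  "KWALLET\n\r\0\r\n"
#   byte  12    major version, byte 13 minor version
#   byte  14    cipher id,     byte 15 hash id
# The id-to-name tables below are from that source as I read it; treat them
# as an assumption to verify, not as documentation.

# Print "cipher=<name> hash=<name> version=<major>.<minor>" for FILE.
# Exit status 1 if the magic does not match or the header is truncated.
kwl_header() {
    f=$1
    magic=$(od -An -tx1 -N12 "$f" | tr -d ' \n')
    [ "$magic" = "4b57414c4c45540a0d000d0a" ] || {
        echo "not a KWallet file: $f" >&2
        return 1
    }
    set -- $(od -An -tu1 -j12 -N4 "$f")
    [ $# -eq 4 ] || { echo "truncated header: $f" >&2; return 1; }
    case $3 in
        0) cname=blowfish-ecb ;;    # legacy KDE 3/4 wallets
        1) cname=3des-cbc ;;        # id reserved, never implemented
        2) cname=gpg ;;
        3) cname=blowfish-cbc ;;    # what current kwalletd writes for "Blowfish" (assumption)
        *) cname="unknown($3)" ;;
    esac
    case $4 in
        0) hname=sha1 ;;
        1) hname=md5 ;;             # id reserved, never implemented
        2) hname=pbkdf2-sha512 ;;   # newer wallets and pam_kwallet (assumption)
        *) hname="unknown($4)" ;;
    esac
    echo "cipher=$cname hash=$hname version=$1.$2"
}

# --- constructed sample headers (no real wallet data) ---
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
printf 'KWALLET\n\r\0\r\n\0\1\3\2' > "$demo_dir/blowfish.kwl"
printf 'KWALLET\n\r\0\r\n\0\1\2\2' > "$demo_dir/gpg.kwl"
printf 'not a wallet' > "$demo_dir/junk.kwl"

kwl_header "$demo_dir/blowfish.kwl"
kwl_header "$demo_dir/gpg.kwl"
kwl_header "$demo_dir/junk.kwl" || echo "(rejected, as expected)"
# On a real system: kwl_header ~/.local/share/kwalletd/kdewallet.kwl
```

The wallet name in the header is irrelevant to the cipher; what matters for the thread's question is byte 14, and a GPG wallet is recognisable there even though the rest of the file is an OpenPGP blob.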

I’ve been switching to GPG because it’s the option that allows me to set an empty password. All that’s stored in my KWallet is pretty much wifi passwords anyway, I don’t care if anyone steals those. I just want KWallet to go away, and stay away. Although I recently read somewhere that it may be possible to tie KWallet to SDDM logins, so I don’t have to enter my password twice in a row, one more time right after logging in. If I manage to get that set up, perhaps my wifi passwords will finally be a little harder to extract (yay?).

Everything important is in Firefox and guess what, even Firefox does not force me to make an uneducated choice between two technical terms on its initial startup like Plasma with KWallet.

1 Like

Although I recently read somewhere that it may be possible to tie KWallet to SDDM logins, so I don’t have to enter my password twice in a row, one more time right after logging in. If I manage to get that set up, perhaps my wifi passwords will finally be a little harder to extract (yay?).

Your distribution should already set it up for you:

$ cat /etc/pam.d/sddm
#%PAM-1.0

auth        include     system-login
-auth       optional    pam_gnome_keyring.so
-auth       optional    pam_kwallet5.so
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ this line

account     include     system-login

password    include     system-login
-password   optional    pam_gnome_keyring.so    use_authtok

session     optional    pam_keyinit.so          force revoke
session     include     system-login
-session    optional    pam_gnome_keyring.so    auto_start
-session    optional    pam_kwallet5.so         auto_start
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ and this

And you can also use your LUKS password with

-auth        optional    pam_systemd_loadkey.so keyname=luks2-pin
1 Like
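A quick way to confirm the two pam_kwallet5 lines from the stack above are really present (and that the session one carries auto_start) is to parse /etc/pam.d/sddm rather than eyeball it. The script below is an added example for this thread, not code from any poster or from kwallet-pam; it assumes standard PAM line syntax, tolerates the leading “-” and full module paths, and runs on two constructed stacks modelled on the one quoted above, one complete and one with the session line removed.

```sh
#!/bin/sh
# Added example for this thread, not part of any post or of KDE's kwallet-pam:
# check that an sddm PAM stack has both pam_kwallet5 entries that auto-unlock
# needs. The "auth" entry captures the login password; the "session" entry
# with auto_start starts kwalletd5 and hands the password over so the default
# wallet opens without a second prompt. If either is missing you get the extra
# prompt the post above complains about. A leading "-" on a line means PAM
# tolerates the module being absent, so an uninstalled package fails silently;
# checking the file alone therefore proves the config, not the installation.

# Print "auth=<0|1> session=<0|1> auto_start=<0|1>" for the PAM FILE.
pam_kwallet_status() {
    awk '
        /^[[:space:]]*#/ || NF == 0 { next }
        {
            t = $1; sub(/^-/, "", t)
            hit = 0
            for (i = 2; i <= NF; i++) if ($i ~ /pam_kwallet5\.so$/) hit = 1
            if (!hit) next
            if (t == "auth") a = 1
            if (t == "session") {
                s = 1
                for (i = 2; i <= NF; i++) if ($i == "auto_start") auto = 1
            }
        }
        END { printf "auth=%d session=%d auto_start=%d\n", a, s, auto }
    ' "$1"
}

# Exit 0 when FILE has everything auto-unlock needs, 1 otherwise.
pam_kwallet_ok() {
    [ "$(pam_kwallet_status "$1")" = "auth=1 session=1 auto_start=1" ]
}

# --- constructed sample stacks (modelled on the one quoted above) ---
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
cat > "$demo_dir/sddm-good" <<'EOF'
#%PAM-1.0
auth        include     system-login
-auth       optional    pam_gnome_keyring.so
-auth       optional    pam_kwallet5.so
account     include     system-login
password    include     system-login
session     optional    pam_keyinit.so          force revoke
session     include     system-login
-session    optional    pam_gnome_keyring.so    auto_start
-session    optional    pam_kwallet5.so         auto_start
EOF
# Same stack with the session line dropped: the wallet will not auto-open.
grep -v 'pam_kwallet5.so *auto_start' "$demo_dir/sddm-good" > "$demo_dir/sddm-bad"

for f in sddm-good sddm-bad; do
    printf '%s: %s\n' "$f" "$(pam_kwallet_status "$demo_dir/$f")"
done
# On a real system: pam_kwallet_ok /etc/pam.d/sddm && echo "auto-unlock wired up"
```

Even with both lines present, the thread's other conditions still apply: the wallet password must equal the login password and the wallet must be the one named as Default Wallet in kwalletrc, otherwise kwalletd5 gets the password but has nothing it can open with it.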

Yes, yes, yes – GPG is a better encryption than the Blowfish encryption but –

  • The GPG keys are stored as plain text in ‘~/.gnupg/private-keys-v1.d/’ …
    OK, OK, OK – if your home directory is encrypted then, those keys are also encrypted …

Personally, I’m remaining with Blowfish and a Wallet which has the same (encrypted) password as my login password.


Maybe, KWallet could move to Twofish and/or, the developers could chat with Bruce Schneier to find out if, he could recommend an even better alternative …

By default KWallet's Blowfish-encrypted wallet is encrypted with the user's login password. To auto-unlock it needs to be set as “default”.

But really, reading that any process can just read all the keys is horrible.

Okay, I actually use a script that does exactly that. A shame how secure device credential/biometric unlock is on Android/GrapheneOS, while on Linux it is this mess.

Fedora people are working on SELinux confined users. It's important that desktops work in a way that complies with those profiles. And apps need to be adapted too; lots of testing needed, so join in!

Assume I have kdewallet that auto decrypts when I log in. Now, assume a laptop thief has physical access, and can change the user login and sudo password via bootable USB, etc. Under that case, kdewallet stays encrypted/unreadable, correct?

FYI, I use Blowfish because of the auto-decrypt on login.

One of the first things I do once on the desktop is to turn KWallet off.

I’ve tried that and my NetworkManager would not remember the password for my Wi-Fi.

1 Like

I know better than that because I always turn off the wallet, and recently used my Wi-Fi and never lost the password once set up. I know there is a specific setting you have to do in the network settings but I’m afraid I honestly don’t remember what it is.

It can be saved as a “system connection”. The password will be in a clear text file only readable by root.

1 Like