Password-less Keyring

Setting up a password-less poktrolld

No password

These instructions are intended to streamline usage of poktrolld on Debian machines to AVOID providing a password each time.

Only follow these instructions if you know what you're doing.

Table of Contents

• Prerequisites
• Background
• Instructions
  • 1. Install pass (password store utility)
  • 2. Create a GPG Key
  • 3. Find Your GPG Key ID
  • 4. Initialize pass with your GPG key ID
  • 5. Store Cosmos Keyring Password
  • 6. Verify Password Storage
  • 7. Test Configuration
  • 8. Security Reminder

Prerequisites

1. You are running any Shannon service on a Debian machine.
2. You have installed the poktrolld CLI.
3. You have created a poktroll user following one of the guides in the docs.
4. ⚠️ You are annoyed about having to enter your password every time ⚠️

Background

poktrolld uses the Cosmos SDK keyring. For details on how it works, and understanding what a backend is, see the official docs.

This document will focus on how to use poktrolld with the os backend without a password on a Debian machine, and assume you have read the Cosmos documentation.

Only required for non test keyring backends

This whole page can be skipped if the backend in your .poktroll/config/client.toml is set to test.

If it is set to os or other, these instructions avoid having to enter your password every time.

Instructions

1. Install pass (password store utility)

sudo apt-get install pass

2. Create a GPG Key

Generate a new GPG key pair - you'll be prompted for:

• Kind of key: Choose RSA
• Key size: 3072 bits is recommended
• Key validity: Choose your preferred duration
• Your name and email

gpg --full-generate-key

3. Find Your GPG Key ID

List your secret keys and find your key ID.

gpg --list-secret-keys --keyid-format LONG

The output will look like:

sec rsa3072/B9448E560E033C02 <-- This is your key ID
5F79E46574CF39CDA4FB46BDB9448E560E033C02
uid [ultimate] Your Name <your.email@example.com>

4. Initialize pass with your GPG key ID

Replace B9448E560E033C02 with your actual key ID from the step abpve

pass init B9448E560E033C02

5. Store Cosmos Keyring Password

Store your password - you will be prompted to enter it.

pass insert cosmos-keyring

6. Verify Password Storage

This will display your stored password

pass cosmos-keyring

IMPORTANT: RESTART REQUIRED

You must rerun the command above 👆 after every restart for the keys to be available

7. Test Configuration

Test if poktrolld can now access the keyring without prompting

poktrolld keys list

8. Security Reminder

warning

Note: Make sure to keep your GPG private key secure, as it's used to decrypt your stored passwords.