Gnome Keyring Distributor Notes
Dependencies
These dependencies are required or recommended to build gnome-keyring:
- dbus >= 1.0
- hal, hal-storage >= 0.5.7 (optional; without it, removable keyring storage will be disabled)
- glib-2.0 >= 2.8.0
- gtk+-2.0 >= 2.6.0
- gconf-2.0
- libgcrypt >= 1.2.2
- libpam (optional; without it, automatic unlocking of the keyring will be disabled)
- libtasn1 >= 0.3.4
Starting Gnome Keyring Daemon
- The best place to start gnome-keyring is from the user's login. This is done via a PAM module. When configured correctly, the user does not need to enter any passwords beyond that of their login.
- When not started from the PAM module, gnome-session will try to start gnome-keyring-daemon. The user will need to specify an unlock password for their keyring on its first use.
- If not started by one of the above, it will be automatically activated by DBus for basic password operations. However, much functionality, such as the SSH agent and encryption key store, will not be available.
Stopping Gnome Keyring Daemon
- Gnome keyring will be stopped by gnome-session when that process stops.
- Gnome keyring will be killed by the PAM module if the process that hosted the PAM module runs for the duration of the user's session.
Lockable Memory
It is recommended to configure the OS so that the user can use at least 256KB of lockable (i.e. non-pageable) memory. This allows gnome-keyring to keep encryption keys and passwords from being paged to disk.
Disabling Components
If you would rather use another SSH agent, you can do so by clearing the gconf key:
/apps/gnome-keyring/daemon-components/ssh
Environment Variables
The following environment variables are set by gnome-keyring:
- GNOME_KEYRING_PID
- GNOME_KEYRING_SOCKET
- SSH_AUTH_SOCK
File Locations
Gnome Keyring looks for passwords and encryption keys in the following locations:
- ~/.ssh: SSH encryption keys
- ~/.gnome2/keyrings: Password keyrings
- ~/.gnome2/keystore: Encryption keys and certificates
The location of CA Root certificates can be configured with the --with-root-certs=/path configure option. It is blank by default.
If libhal is available, then the following locations are used on any user-owned removable device:
- /keyrings: Password keyrings
- /keystore: Encryption keys and certificates
