For face or fingerprint unlock methods that log in but don't unlock the keyring
This works on Pop OS and probably any Ubuntu based distro
Uses https://codeberg.org/umglurf/gnome-keyring-unlock and https://github.com/tpm2-software/tpm2-tools
This is required to use the TPM
sudo usermod -aG tss your_username
log out and back in, and check that you are in the tss group:
groups
sudo apt install tpm2-tools
git clone https://codeberg.org/umglurf/gnome-keyring-unlock.git
mkdir -p ~/.tpm && cd ~/.tpm
tpm2_createprimary -c primary.ctx
tpm2_create -C primary.ctx -Gaes128 -u key.pub -r key.priv
tpm2_load -C primary.ctx -u key.pub -r key.priv -c key.ctx
read password
tpm2_encryptdecrypt -c key.ctx -o password.enc <<<$password
Save the following as ~/Scripts/unlockKeyring.sh:
#!/bin/bash
# Load a TPM Context key, decode password and unlock the gnome keyring
tpm2_createprimary -Q -c ~/.tpm/primary.ctx
tpm2_load -Q -C ~/.tpm/primary.ctx -u ~/.tpm/key.pub -r ~/.tpm/key.priv -c ~/.tpm/key.ctx
tpm2_encryptdecrypt -Qd -c ~/.tpm/key.ctx ~/.tpm/password.enc | ~/gnome-keyring-unlock/unlock.py
Add the following to the end of your ~/.profile:
# Wait 5 seconds then try to unlock the keyring
(sleep 5; ~/Scripts/unlockKeyring.sh &> ~/Scripts/unlockKeyring.log) &
Hey! This mightve worked but unfortunately with the guide I'm stuck at the read password command, as of right now its blank. Does anyone know how to fix this? I'm on Zorin OS
