Impossible to export and import passwords afterwards in an identical manner
Using secret-tool search --all authtype password
you can generate a list of results, parse those results, and back them up somewhere safe on an external hard drive.
Later though it is impossible to import secrets again in the identical manner, because it is impossible to set the schema
and secret
via CLI options/flags.
Expected Behaviour
secret-tool store --label="cookiengineer@myserver" --schema="org.gnome.keyring.NetworkPassword" authtype password protocol sftp user cookiengineer server myserver
# then typing in password would be better with --secret="secret value"
Actual Behaviour
secret-tool store --label="cookiengineer@myserver" schema org.gnome.keyring.NetworkPassword authtype password protocol sftp user cookiengineer server myserver
# again, typing password is suboptimal.
# resulting entry is wrong. entry.attribute.schema is set, not entry.schema
As schema is only possible via attributes
, the resulting entry will have attribute.schema set, which is not the same, and will therefore not be found by nautilus
as a password later.
In order to have 1:1 export and import capabilities, it would be necessary to have the following features:
- password dialog via tty is hacky, allow
--secret="value"
flag usage. - schema cannot be set, allow
--schema="org.gnome.SomeThing"
usage.