Software problem: KDE Wallet

When I reinstalled my desktop computer, KDE started asking me for a wallet password. Each time a short while after I started my web browser. It didn’t look all right:

  • I don’t think I’ve ever set a wallet password and I deleted whole KDE configuration after I had reinstalled the computer.
  • I couldn’t see any reason why my web browser should access the wallet just after starting.

The bogus password prompt kept popping up every day and it got harder to ignore it. I had two options:

  1. Disable the wallet in KDE settings.
  2. Fix the wallet.

Option 1. would be easier and solving the problem immediately. However I opted for 2. (problem of category 1, user curiosity and naivety) because using the wallet could be useful and I also wondered what tries to access the wallet and why.

It seems KDE Wallet has no usable documentation (another problem of category 1, trying to use software that needs documentation and doesn’t have one), which made the process even more cumbersome than needed.

The first step to move on was to get rid of the wallet I couldn’t access because it asked for a password that I’ve never set. I’ve found out it can be done in KDE wallet manager where it’s possible to delete the wallet. OK, done.

Now the followup step was to create a new wallet. When I was prompted about the wallet type, I opted for GPG encryption. Then I pressed Next button and got an error dialog with the following message:

Seems that your system has no keys suitable for encryption. Please set-up at least one encryption key, then try again.

What? I have a GnuPG encryption key, so what’s the problem?

Looking around, I’ve discovered there is an application called kgpg. At the first run, it didn’t look promising. But at the second run kgpg provided a somewhat better error message:

An error occurred while scanning your keyring:

gpg: Oops: keyid_from_fingerprint: no pubkey

Indeed, gpg reported the same error from a command line when listing my keys:

$ gpg -K
gpg: Oops: keyid_from_fingerprint: no pubkey
…

But it still listed the keys, so what was the problem? I verified that I can encrypt and decrypt files using my default key. After a lot of experiments with gpg commands, I came to a conclusion that my more than a decade old ~/.gnupg directory is no longer all right and perhaps got damaged when it had been converted from gpg version 1 to version 2. So I exported my private keys, deleted ~/.gnupg and imported my previously exported keys. The wallet still insisted on its error but kgpg started working. I went successfully through the kgpg wizard and set everything needed, but the wallet error still remained.

Maybe the problem could be that the wallet doesn’t understand my old keys. A question is why when kgpg can see them fine. Nevertheless it’s not a good idea to use my personal key in KDE so I generated a new key pair. Then I could finally create a new wallet using that key. And only now, too late, KDE Wallet provided the reason why it couldn’t see my old key — it wasn’t set as ultimately trusted.

The seemingly innocent KDE Wallet password dialog popping up in my new installation has led to quite a lot of wasted time, apparently due to problems of categories 2 and 3. The positive effects of all of it are that I have cleaned up my ~/.gnupg (way too much — I’ll have to import some of my old stuff) and that I can use KDE Wallet now if it appears any useful.

Leave a Reply

Your email address will not be published. Required fields are marked *