/usr/share/doc/kde/HTML/en/kwallet/index.docbook is in kwalletmanager 4:4.8.2-0ubuntu2.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 | <?xml version="1.0" ?>
<!DOCTYPE book PUBLIC "-//KDE//DTD DocBook XML V4.2-Based Variant V1.1//EN" "dtd/kdex.dtd" [
<!ENTITY kwallet "<application>KWallet</application>">
<!ENTITY kwalletmanager "<application>KWallet Manager</application>">
<!ENTITY package "kdeutils">
<!ENTITY kappname "&kwallet;">
<!ENTITY % addindex "IGNORE">
<!ENTITY % English "INCLUDE">
]>
<book lang="&language;">
<bookinfo>
<title>The &kwallet; Handbook</title>
<authorgroup>
<author>
&George.Staikos; &George.Staikos.mail;
</author>
<author>
&Lauri.Watts; &Lauri.Watts.mail;
</author>
<othercredit role="developer">
<firstname>George</firstname><surname>Staikos</surname>
<affiliation><address>&George.Staikos.mail;</address></affiliation>
<contrib>Developer</contrib>
</othercredit>
<!-- TRANS:ROLES_OF_TRANSLATORS -->
</authorgroup>
<legalnotice>&FDLNotice;</legalnotice>
<date>2011-11-28</date>
<releaseinfo>1.8 (&kde; 4.8)</releaseinfo>
<abstract>
<para>
The wallet subsystem provides a convenient and secure way to manage all your
passwords.</para>
</abstract>
<keywordset>
<keyword>KDE</keyword>
<keyword>Kwallet</keyword>
<keyword>passwords</keyword>
<keyword>forms</keyword>
</keywordset>
</bookinfo>
<chapter id="introduction">
<title>Introduction</title>
<para>Computer users have a very large amount of data to manage, some of
which is sensitive. In particular, you will typically have many passwords
to manage. Remembering them is difficult, writing them down on paper or in
a text file is insecure, and using tools such at PGP is tedious and
inconvenient.</para>
<para>&kwallet; saves this sensitive data for you in a strongly encrypted
<footnote><para>
The data is encrypted with the
<ulink url="http://www.schneier.com/blowfish.html">Blowfish symmetric block cipher algorithm</ulink>,
the algorithm key is derived from the
<ulink url="http://www.ietf.org/rfc/rfc3174.txt">SHA-1 hash</ulink>
of the password, with a key length of 156 bits (20 bytes).
The data into the wallet file is also hashed with SHA-1 and checked
before the data is deciphered and accessible by the applications.
</para></footnote>
file, accessible by all applications, and protected with a master
password that you define.</para>
<tip>
<para>&kwallet; supports multiple wallets, so
for the most secure operation, you should use one wallet for local
passwords, and another for network passwords and form data. You can
configure this behavior in the &kwallet; &systemsettings; module, however
the default setting is to store everything in one wallet.</para>
</tip>
<para>A wallet is by default closed, which means that you must supply
a password to open it. Once the wallet is opened, the contents can
be accessed.</para>
<sect1 id="kwallet-using">
<title>Using &kwallet;</title>
<para>If you visit ⪚ the &kde; bugtracker and enter the login data for
the first time, a dialog pops up offering to store the password in an
encrypted wallet:</para>
<screenshot>
<screeninfo>Request to save login information</screeninfo>
<mediaobject>
<imageobject><imagedata fileref="save-login-information.png" format="PNG"/></imageobject>
<textobject><phrase>Request to save login information</phrase></textobject>
</mediaobject>
</screenshot>
<para>If you want to store this information, select <guibutton>Store</guibutton>
to proceed. In case you did not create a wallet so far, the next dialog asks for
the wallet password and creates a wallet named kdewallet.
</para>
<screenshot>
<screeninfo>Create a wallet</screeninfo>
<mediaobject>
<imageobject><imagedata fileref="first-open-request.png" format="PNG"/></imageobject>
<textobject><phrase>Create a wallet</phrase></textobject>
</mediaobject>
</screenshot>
<para>Next time you visit the same website again, the application requests to open the wallet.
Enter the wallet password and click the <guibutton>Open</guibutton> button.</para>
<screenshot>
<screeninfo>Request to open a wallet</screeninfo>
<mediaobject>
<imageobject><imagedata fileref="openwallet-request.png" format="PNG"/></imageobject>
<textobject><phrase>Request to open a wallet</phrase></textobject>
</mediaobject>
</screenshot>
<para>This connects the application to the wallet, enables it to read the login data from the wallet
and to restore the login information for this website. Once an application is connected to
the wallet, it can automatically restore any login information stored in the wallet.</para>
</sect1>
</chapter>
<chapter id="kwalletmanager">
<title>&kwalletmanager;</title>
<para>&kwalletmanager; serves a number of functions. Firstly it allows you to see if
any wallets are open, which wallets those are, and which applications are
using each wallet. You can disconnect an application's access to a wallet
from within the &kwalletmanager;.</para>
<para>You may also manage the wallets installed on the system, creating and
deleting wallets and manipulating their contents (changing keys, ...).</para>
<para>The &kwalletmanager; application is launched with <menuchoice>
<guimenu>Applications</guimenu><guisubmenu>Settings</guisubmenu>
<guimenuitem>Wallet Management Tool</guimenuitem></menuchoice> from the
application launcher.
Alternatively start &krunner; with shortcut <keycombo
action="simul">&Alt;<keycap>F2</keycap></keycombo> and enter
<command>kwalletmanager</command>.</para>
<para>A system tray icon indicates that a wallet is open:
<mediaobject>
<imageobject>
<imagedata fileref="oxygen48-status-wallet-open.png"/>
</imageobject>
</mediaobject>
When all
wallets are closed, the icon will reflect this by showing a closed
wallet:
<mediaobject>
<imageobject>
<imagedata fileref="oxygen48-status-wallet-closed.png"/>
</imageobject>
</mediaobject>
</para>
<para>Click once on the system tray wallet icon to display the &kwalletmanager;
window showing all available wallets as icons which reflect their
current status, either open or closed.</para>
<para>
<mediaobject>
<imageobject>
<imagedata fileref="kwalletmanager.png"/>
</imageobject>
</mediaobject></para>
<sect1 id="kwalletmanager-context-menu">
<title>The &kwalletmanager; Context Menu</title>
<para><mousebutton>Right</mousebutton> clicking on a wallet in the
&kwalletmanager; window offers
the following functions:</para>
<variablelist>
<varlistentry>
<term><guimenuitem>New Wallet...</guimenuitem></term>
<listitem>
<para>Create a new wallet. A dialog box will ask you
for the name of the new wallet that you want to create.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><menuchoice><shortcut><keycap>Return</keycap></shortcut>
<guisubmenu>Open...</guisubmenu></menuchoice></term>
<listitem>
<para>Open the wallet. Opening the wallet causes the contents
of the wallet to be displayed in a new window where you can
add, delete, or modify the contents of the wallet. You may also
double click the wallet icon to cause it to open. If the wallet
is not already open, you will be requested to enter the password.
See below for details of using the wallet window.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><guimenuitem>Change Password...</guimenuitem></term>
<listitem>
<para>Change the master password for the wallet.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><guisubmenu>Disconnect</guisubmenu></term>
<listitem><para>Disconnect an application from the wallet. Currently
connected applications will appear in a submenu.</para></listitem>
</varlistentry>
<varlistentry>
<term><menuchoice><shortcut> <keycombo
action="simul">&Ctrl;<keycap>W</keycap></keycombo></shortcut>
<guimenuitem>Close</guimenuitem></menuchoice></term>
<listitem><para>Force the wallet to be closed.</para></listitem>
</varlistentry>
<varlistentry>
<term><menuchoice><shortcut><keycap>Del</keycap></shortcut><guimenuitem>Delete</guimenuitem></menuchoice></term>
<listitem>
<para>Delete the wallet</para>
</listitem>
</varlistentry>
</variablelist>
</sect1>
<sect1 id="kwalletmanager-wallet-window">
<title>The Wallet Window</title>
<para>Double clicking on a wallet in the &kwalletmanager; window will open a new
window displaying that wallet's contents. A wallet may contain any number
of folders, which allow storing of password information. By default a wallet
will contain folders named Form Data and Passwords.
</para>
<para>The window has three sections:</para>
<para>
<mediaobject>
<imageobject>
<imagedata fileref="edit1.png"/>
</imageobject>
</mediaobject></para>
<itemizedlist>
<listitem><para>A search line to filter the items of the current
wallet</para></listitem>
<listitem><para>The tree view of the folders contained in the wallet.
Click the <guiicon>></guiicon> / <guiicon>v</guiicon> symbols to expand or collapse
the tree view.</para></listitem>
<listitem><para>The contents of the selected folder entry at the right side</para></listitem>
</itemizedlist>
<para>Folders may be added or deleted via the context menu, and selecting a folder will update
the folder entry list and the summary display. Selecting a folder entry
will update the entry contents pane, and allow you to edit that
entry.</para>
<para>
<mediaobject>
<imageobject>
<imagedata fileref="edit2.png"/>
</imageobject>
</mediaobject></para>
<para>Entries may also be created or deleted via the context menu for the
folder contents.</para>
<para>All folders and entries may be dragged and dropped into other wallets
or folders respectively. This allows a user to easily package up a new
wallet for transfer to another environment. For instance, a new wallet
could be created and copied onto a removable flash memory device. Important
passwords could be transferred there, so you have them available in other
locations.</para>
</sect1>
</chapter>
<chapter id="kwallet-kcontrol-module">
<title>Configuring &kwallet;</title>
<sect1 id="wallet-preferences">
<title>Wallet Preferences</title>
<para>&kwallet; contains a small configuration panel with several options
that allow you to tune &kwallet; to your personal preferences. The
default settings for &kwallet; are sufficient for most users.</para>
<para>Check the box to enable or disable the &kde; wallet subsystem
entirely. If this box is unchecked, then &kwallet; is entirely disabled and
none of the other options here have any effect, nor will &kwallet; record
any information, or offer to fill in forms for you.</para>
<variablelist>
<title><guilabel>Close Wallet</guilabel></title>
<varlistentry>
<term><guilabel>Close when unused for:</guilabel></term>
<listitem>
<para>Close the current wallet after a period of inactivity. If you check this
option, set the period in the box, default is 10 minutes. When a wallet is
closed, the password is needed to access it again.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><guilabel>Close when screensaver starts</guilabel></term>
<listitem>
<para>Close the wallet as soon as the screen saver starts. When a wallet is
closed, the password is needed to access it again.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><guilabel>Close when last application stops using it</guilabel></term>
<listitem>
<para>Close the wallet as soon as applications that use it have stopped. Note
that your wallets will only be closed when all the applications that use it have
stopped. When a wallet is closed, the password is needed to access it
again.</para>
</listitem>
</varlistentry>
</variablelist>
<variablelist>
<title><guilabel>Automatic Wallet Selection</guilabel></title>
<varlistentry>
<term><guilabel>Select wallet to use as default:</guilabel></term>
<listitem>
<para>Select which wallet you want to use as default wallet.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><guilabel>Different wallet for local passwords:</guilabel></term>
<listitem>
<para>If checked, choose a different wallet for local passwords.</para>
</listitem>
</varlistentry>
</variablelist>
<variablelist>
<title><guilabel>Wallet Manager</guilabel></title>
<varlistentry>
<term><guilabel>Show manager in system tray</guilabel></term>
<listitem>
<para>Enable the wallet manager to have its icon in the system tray.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><guilabel>Hide System tray icon when last wallet
closes</guilabel></term>
<listitem>
<para>When there is no wallet in use anymore, remove the wallet icon from the
system tray.</para>
</listitem>
</varlistentry>
</variablelist>
<para>Finally, there is a button labeled <guibutton>Launch Wallet
Manager</guibutton>, which does precisely that.</para>
<para>This button is only visible if &kwalletmanager; is not running</para>
</sect1>
<sect1 id="wallet-access-control">
<title>Access Control</title>
<para>There is only one option on this page:</para>
<variablelist>
<varlistentry>
<term><guilabel>Prompt when an application accesses an open wallet</guilabel></term>
<listitem>
<para>Signal you when an application gains access to an open wallet.</para>
</listitem>
</varlistentry>
</variablelist>
<para>Next there is a tree style view of the access controls for your wallets.</para>
<para>Click with the &LMB; on the <guiicon>></guiicon> symbol beside a wallet name to
expand the tree. You will see the name of each application that has asked
for access to the wallet, and the policy you set for it. You cannot edit
policies here, or add them, but it is possible to delete an entry by &RMB;
clicking on it and choosing <guimenuitem>Delete</guimenuitem> from the
context menu that appears, or by simply selecting it and pressing the
<keysym>Del</keysym> key.</para>
<para>An application that has been allowed access to a wallet is granted access to
all passwords stored inside.</para>
</sect1>
<sect1 id="ksecretsync-kcontrol-module">
<title>&kde; Secret Sync</title>
<para>KDE Secret Sync tool aims to help synchronize secrets, such as passwords
and login-in account information, between several devices running KDE.
It comes as a feature of the new KSecretsService infrastructure. For
more information about this infrastructure, please check the
<ulink url="http://techbase.kde.org/Projects/Utils/ksecretsservice">KSecretsService page</ulink>
and also the
<ulink url="https://projects.kde.org/projects/kde/kdeutils/ksecrets">project information page</ulink>. This tool is
currently under development.</para>
<para>&kde; Secret Sync uses cryptography to securely exchange the secrets
between the devices. As such, it can be used over insecure connections,
such as the Internet.</para>
<!-- not in gui 4.8.0
<para>The operation is quite simple and it can follow one of the two scenarios:</para>
<itemizedlist>
<listitem><para>synchronize using a centralized resource</para></listitem>
<listitem><para>peer-to-peer synchronization</para></listitem>
</itemizedlist>
<sect2 id="centralized-resource">
<title>Using a centralized resource</title>
<para>This operating mode requires full access to an IMAP server. The &kde;
Secret Sync tool creates an encrypted resource under the folder of your
choice then it updates it each time a local secret collection changes,
as notified by the KSecretsService infrastructure. This occurs each time
an application updates it's secret information. &kde; Secret Sync tool
periodically checks this central resource for modifications and when
updates are found, then they are pushed to the corresponding local
collection.</para>
<para>This case requires permanent connection to an IMAP server. The &kde;
Secret Sync tool will hold sync operations during network outages. The
security level of this kind of operation depends of the security of the
IMAP server and the encrypting algorithm used to created the centralized
resource. On the other hand, storing the secrets on that centralized
resources can also be viewed as a backup.</para>
</sect2>
-->
<sect2 id="peer-to-peer-synchronization">
<title>Peer-to-peer synchronization</title>
<para>This operation mode does not require access to a centralized <!--IMAP-->
server. A list of known computers is used instead. &kde; Secret Sync will
initiate secret exchange sessions with each of it's known computers over
a SSH tunnel. The local secret changes are propagated to the other known
computers as soon as they are detected.</para>
<para>This case require a network connection between known devices. The &kde;
Secret Sync tool will hold sync operations with the devices that are not
available due to network outages. A naming service should be used for
devices that change IP address with each connection.</para>
<para>On the <guilabel>General</guilabel> tab check <guilabel>Enable auto synchronization</guilabel>
and adjust the port your computer is listening for this service. Go to the
<guilabel>Computers</guilabel> tab and add all remote computer names and the
port numbers they are listening for synchronization of secrets.</para>
</sect2>
</sect1>
</chapter>
<chapter id="advanced-features">
<title>Advanced Features</title>
<para>Wallets can be dragged from the &kwalletmanager; window. This allows
you to drag the wallet to a file browser window, where you can choose to
copy, move, or link the wallet, as desired.</para>
<para>You might use this to save a wallet to portable media, such as a
USB keychain, so that you can take your passwords with you to work or
on a vacation, and still have easy access to important sites.</para>
<para>Future versions will have built-in functions for easy export or
copying of data to portable devices.</para>
</chapter>
<chapter id="credits-and-licenses">
<title>Credits and Licenses</title>
<para>&kwallet; © 2003 &George.Staikos;</para>
<para>Documentation © &Lauri.Watts; and &George.Staikos;</para>
<!-- TRANS:CREDIT_FOR_TRANSLATORS -->
&underFDL;
&underGPL;
</chapter>
&documentation.index;
</book>
<!--
Local Variables:
mode: sgml
sgml-minimize-attributes:nil
sgml-general-insert-case:lower
sgml-indent-step:0
sgml-indent-data:nil
End:
// vim:ts=2:sw=2:tw=78:noet
-->
|