Hi,
I am using the password manager KeepassXC and its secret service integration. The password manager saves changes immediately and because I am using a Yubikey as a second factor I have to touch the key every time changes are saved. This means that every time eduvpn saves something to the keyring I have to touch the Yubikey which would not be a problem if it happened rarely but it happens literally every time I invoke the cli (even just eduvpn-cli --help). This is annoying and seems unnecessary.
I took a look at the source code and the behavior I described seems to be caused by the way eduvpn checks whether or not the keyring is available. It seems to test this by saving something to the keyring, reading it and then deleting it [1].
Would it be possible to change the keyring detection such that it doesn't save something to the keyring or have that check only happen when necessary?
[1] github.com/eduvpn/python-eduvpn-client@1d37f56d07/eduvpn/keyring.py (L63)
PS: One workaround I know of is to invoke the cli with an empty DBUS session address, i.e. DBUS_SESSION_BUS_ADDRESS= eduvpn-cli
Hi,
I am using the password manager KeepassXC and its secret service integration. The password manager saves changes immediately and because I am using a Yubikey as a second factor I have to touch the key every time changes are saved. This means that every time eduvpn saves something to the keyring I have to touch the Yubikey which would not be a problem if it happened rarely but it happens literally every time I invoke the cli (even just `eduvpn-cli --help`). This is annoying and seems unnecessary.
I took a look at the source code and the behavior I described seems to be caused by the way eduvpn checks whether or not the keyring is available. It seems to test this by saving something to the keyring, reading it and then deleting it [1].
Would it be possible to change the keyring detection such that it doesn't save something to the keyring or have that check only happen when necessary?
[1] https://github.com/eduvpn/python-eduvpn-client/blob/1d37f56d07d142b6cffa00d00329ad5fcc05f47e/eduvpn/keyring.py#L63
PS: One workaround I know of is to invoke the cli with an empty DBUS session address, i.e. `DBUS_SESSION_BUS_ADDRESS= eduvpn-cli`