Secret Tool Explained


secret-tool allows to access Gnome keyring from the command line.

This is a good option to store and retrieve password, for intance if you are using offlineimap or isync to retrieve email, but the syntax is kind of awkward and things get more confused if you use Seahorse to store the passwords.

The trick is doing everything from the command line, keeping in mind that:

$ secret-tool store --label='Password 1' password lookup_key1
Password: 12345678

associates 12345678 to the attribute named password of the entry named lookup_key1. The --label='Password 1' part, while being compulsory, has little or no role, here.

If you open Seahorse now, you will notice that label is used to fill the description field, “12345678” is stored in the “Password” field, and the details field contains password:lookup_key1:


Retrieval is performed by attribute and entry name:

$ secret-tool lookup password lookup_key1

Notice that Seahorse does not allow you to enter the details of an entry. Hence, there does not seem to be a way to enter a password from the GUI and retrieve it from the command line.

Using the command line you can store different attributes in the same entry and, similarly, different entries with the same attribute:

$ secret-tool store --label='Password 1' password lookup_key1
Password: 12345678

$ secret-tool store --label='Password 1' password lookup_key2
Password: qwerty

$ secret-tool store --label='Password 1' short lookup_key1
Password: 1234

$ secret-tool store --label='Password 1' short lookup_key2
Password: qwe

Author: Adolfo Villafiorita

Last modified: 2020-12-12 Sat 17:44 (created on: 2020-12-12 Sat 00:00)

Published: 2021-01-11 Mon 18:58