Keyring on Linux (CentOS 7)

OS: CentOS 7
R Version: 3.6.0
I am trying to use keyring package to encrypt my credentials on Linux. I am using RStudio Server Open Source Version. I want to Automate scripts which will use my Credentials to Authenticate various systems (Examples: Email and Database Credentials)
Question: In Linux do we have anything similar to Windows Credential Store Keyring. Reason being I want to store my credentials using key_set() but in Linux I don't see any default store. Creating a new keyring and storing the credentials will block me from automating my scripts as someone needs to authenticate / unlock the keyring in every session that I use.

Appreciate any help and Thank you in advance
@kaushiklakshman: Sorry for tagging you but I think you had a small thread where you discussed this. Any knowledge sharing would really help me. Thank you in advance.

Hi @Swamy

Sorry for the late response on this. There are different options for credential stores in Linux. However, some of them require a GUI component. This wasn't an option for me with an EC2 instance. Hence, I used file based backend. As described in the thread you linked, using keyring::backend_file$new() helps you establish that you want to use the file based keyring.

Then I also had to specify R_KEYRING_BACKEND='file' in a .Renviron file that lets R know every time it loads up a new session that your default keyring should be file based. On top of this, I think file based keyrings are always locked by default. Therefore I also had to create a .Rprofile file that has the below code to unlock it when a new session opens

.First <- function() {
    if(keyring::keyring_is_locked() == TRUE){
        keyring::keyring_unlock(keyring = "your_keyring_name",
                                password = "your_keyring_password")
 }
}

I'm not a 100% sure on this but if other backends like libsecret are an option for you, I think you need not specify the default option in the environment file and the unlock step.

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.

Hi @kaushiklakshman, thank you very much for your reply and solution. In between I tried multiple other packages such as "keyringr", "digest" and "sodium". I think except for "digest" the other two packages use libsodium as you mentioned for back end encryption and all of these packages need a key / password to really decrypt the credentials which fundamentally match with "keyring" package.

I will keep this solution as PoC for different types of Securing Credentials. Thank you once again for the help.