KWallet and KMail - overkill, non-intuitive and frustrating

Story: The Perfect Desktop - OpenSUSE 12.3 (GNOME Desktop)Total Replies: 21
Author Content
Ridcully

Mar 29, 2013
4:50 AM EDT
OpenSUSE 12.3 is a dream to install. It's fast, delightful to use and I like it - very much. I prefer KDE and folder view, but that's my personal preference.

Now we come to the utter schtinking part: KMail and KWallet. Of all the bits of software designed to get someone tearing their hair out in frustration, these two items are the winners - or at least as far as I have found to this point. Now it's not KMail as such.........it's the combination of KMail and KWallet together.

Okay.....in KDE in openSUSE 11.4, you open KMail for the first time. You set up an account. It asks you if you want to use KWallet. You have a CHOICE, KDE Developers, a CHOICE !!! You can either use KWallet....OR, you can tick the box that says you are quite content to have the password stored in the software and that's all that's needed. When you start KMail from now on, it automatically finds the password and your mail provider and downloads your email...You never have to give it the password again.

Now, I am the first to admit that this is fine if you are using openSUSE as a single user where your computer is never used by anyone else. I can see there probably would be security problems on a net system and that, I suspect, is where KWallet comes in.

However in KMail in openSUSE 12.3, the choice to use KMail as a single user has been taken away from you and frankly, that is not nice in my opinion. If you want to store a password, you MUST use KWallet....Oh, and have you ever tried to use KWallet ? I did, and I also tried to understand the KWallet "book of instructions" and got no-where. I told KMail to set itself up, told it that I did not want to use KWallet......and so I found myself in the position where I could NOT give KMail my email server password.......You can, I think, feed that password in each time you ask for a download, but that's repetitive stuff and nonsense and you should not have to do that......you certainly don't in KMail in openSUSE 11.4.

So I activated KWallet and tried to set up a wallet for KMail. I still do not know if I have done so, nor do I know if it stored the password. The best bit in this latest KMail and KWallet fiasco was that you could insert the password in the account window with KWallet activated, then try to get your mail, only to find that you were told that KMail could not access the password in KWallet and the software sent you back nearly screaming to the accounts window where everything was all correct.......I still cannot find out how to insert a password in KWallet.....So far, at least for me, KWallet is a safe without a key. Oh yes, and the final bit of fun......If you have managed to get your correct password into the accounts window and you deactivate KWallet, your password automatically disappears. Isn't that nice ? NOT !!

What I do know is that after an hour of running in circles where the two pieces of software refused point blank to talk to one another, I deleted the account, set it up again and inserted the password while KWallet was running and somehow (and dear heavens, I still, STILL do not know what I did), I could suddenly receive emails without having to put in the password each time I started KMail.

Ahhhh.......but wait a moment.......I have since shut down the computer.......Perhaps it is all over to do again when the software is started afresh. Believe me, I can't wait to find out.......yeah, right.

Whatever, I do know that the links of KMail and KWallet are the most frustrating and annoying aspects of this latest version of openSUSE. KMail itself is marvellous in its display and use and I have no gripes with that aspect......What I find unforgiving is this mad desire for overcomplexity for users with very simple requirements and there should be a way of allowing a password to be inserted in this latest version without using KWallet. I don't like running around in circles that seem to be impossible to get out of. As for KWallet, you can keep it. Give me back my choice to have a simpler KMail please.

That's my 2c worth.
tracyanne

Mar 29, 2013
5:44 AM EDT
I don't use KMail, but I do use KWallet, I store all my passwords in KWallet, it's simple to use and setup, and I've carried the same wallet from Mandrake to Mandriva (KDE of course) to Ubuntu Gnome 2 to kubuntu to Linux Mint GNOME 2 and Linux Mint KDE.
Ridcully

Mar 29, 2013
6:24 AM EDT
Thanks TA........and that pretty much confirms my "intuitive" complaint. I could NOT figure my way through the wretched thing. So......do you start with KWallet and a setup or end with the thing as you fight your way out of KMail ? As you can see, I just about tore my keyboard in two from sheer frustration. Perhaps you ought to write a brief tutorial on how to use that blasted software ?

I kid you not......if ever I get to learn how KWallet is set up, simply and easily, I'll write a tutorial myself. I can open the Wallet window; I can see the settings, but it simply does NOT make sense to me. I forgot.....at 70, one's brain atrophies......LOL.

Update..........Indeed I am correct: if you shut down and restart openSUSE 12.3, the KWallet has to be restarted for KMail. So, once you open a computer session, start KMail and enter the password, the password remains there until you shut down. You can close KMail and do other things, and then reopen KMail and all is well. But, shut down completely and the next time you want to use KMail, you must once more put in the account password. This was not needed under the older system and to me it is far more convenient. However, I guess it is uncurable-endurable. At least I have managed to figure out how to get all my email files across to the newer version of KMail easily and quickly in a mass transfer using a usb stick. It is simply that this latest version of KMail stores its mail in a different location......once you know where it is: /home/username/.local/share/local-mail

It was stored in /home/username/.kde4/share/apps/kmail in the older versions.

Kmail itself is delightful. The real gripe as far as I am concerned is this insistence on using KWallet for the password for single users. But then, as TA indicates, she has no trouble. I think I'll go take up knitting. LOL.
Fettoosh

Mar 29, 2013
9:58 AM EDT
@Ridcully,

For the same reasons you cited, I don't use KMail nor KWallet currently, but I might in the future when I think they are stabilized enough.

I am glad you finally got to like KMail after going through havic. By the way, do you have any hair left? :-)

About single user setup, remember Linux is multi-user, multi-tasking OS and KDE is justified to comply especially if you can use KMail, or any application for that matter, without having to deal with KWallet.

My understanding is that KWallet is optional. It can be setup to manage passwords for some applications but not others. Or turning it off altogether or for individual application by deleting its entry in KWallet even after configuring it. Have you tried that?

I know the documentation are not that good, but trial and error might be helpful. :-)

Bob_Robertson

Mar 29, 2013
10:36 AM EDT
Ah, this must be KDE4 problem.
JaseP

Mar 29, 2013
11:23 AM EDT
Yes it is a KDE4 problem... The solution is not to use kwallet or kmail... pretty much as others have indicated here. In fact, I use none of the kontact suite stuff, except for the parts that run under the hood (nepomuk & stringi),... and I limit those.
tracyanne

Mar 29, 2013
4:55 PM EDT
Tony sorry I didn't get back to you. I didn't even get back to my computer after that post.

Perhaps we can do a voip session, and I can walk you though your issues.

Seriously KWallet really is quite simple. The biggest problem is how various distros integrate it into other applications, as far as I can tell.
Ridcully

Mar 29, 2013
7:44 PM EDT
@Fettoosh......this is the easier one. Oh yes, I am absolutely aware that openSUSE is designed for multi-user and so forth, and implied this concept in my first post:

Quoting:Now, I am the first to admit that this is fine if you are using openSUSE as a single user where your computer is never used by anyone else. I can see there probably would be security problems on a net system and that, I suspect, is where KWallet comes in.


So, for me, there is no problem with understanding why the software is present. The point I want to make, very loud and clear, is that a very simple choice of allowing a standalone user with no-one else using his/her computer and not on a multi-user network of any sort, has had a previous choice removed. It irritates the heck out of me.

To explain further, prior to this KMail-KWallet enforced link, you simply put your email password into the account window and that was that for a single user. You COULD use KWallet if you wanted, but you did not HAVE to use it. Once the password was inserted, you never touched it again. From a "cold boot", you reached your desktop, opened KMail and clicked on receive and that was that.

BUT......with this KMail-KWallet linkage, you can turn KWallet off.....if you do, you must insert your password each time you want to receive email.....Or you can turn KWallet on.......if you do, you must then insert the password at the start of a session, but it remains open for the remainder of the time the computer is on and running. Essentially, it doesn't matter which way you go, you must put in a password each time you want to receive email.

@JaseP.....I so thoroughly agree. As far as I am concerned though, KMail is a beautiful piece of software. Brilliant. It is simply that the developers have decided unilaterally that a single user choice is no longer to be offered, like it or lump it. I even contacted them personally and got a reply.....They will NOT restore that choice. BUT WHY ??? All they have done to me is increased my stress levels......and my hair is now whiter than white. It'd be funny if it wasn't so annoying.

@Tracyanne....thanks TA. Much appreciated. At the moment, I seem to have something running and I shall play with it a lot more. I do have one question though. Let's assume you have KWallet running "somewhere" on a computer and it's set up nicely. Okay, you start from a cold boot and sooner or later want to use a piece of software that is "coupled" to KWallet. Now, at that point, do you always have to put in a password at the start of a session to get it going for that session ? If you do, then that makes sense of what I am seeing.
tracyanne

Mar 30, 2013
12:12 AM EDT
On my Linux Mint System I only have to enter a kWallet password when I want to access MY wallet, never for the system wallet which is opened by me logging in, which is where the wireless passwords and email passwords are stored. I suspect the issue is related to the way the system is setup/what ever you did that probably created a non system/personal wallet, and now stores those passwords in the personal wallet.

Usually what happens isw when I setup a wireless connection for the first time, and I would assume that applies to Kmail and any other KDE application that requires a password to connect externally, the system prompts me to create a KWallet password, it then creates a system wallet, which stores those passwords. My personal Wallet is seperate, and I have to add it to the Wallet manager manually on new systems, unless I merely install a new system (kubuntu , mageia, Linux Mint KDE, SuSE I suspect, would all just work for me, but require that my personal wallet be connected to the manager), which means my KDE config file stays intact in my home directory.

So the issues you are having seem quite strange to me. But I've not used SuSE since 1999.
tracyanne

Mar 30, 2013
12:15 AM EDT
On my Linux Mint System I only have to enter a kWallet password when I want to access MY wallet, never for the system wallet which is opened by me logging in, which is where the wireless passwords and email passwords are stored. I suspect the issue is related to the way the system is setup/what ever you did that probably created a non system/personal wallet, and now stores those passwords in the personal wallet.

Usually what happens is when I setup a wireless connection for the first time, and I would assume that applies to Kmail and any other KDE application that requires a password to connect externally, the system prompts me to create a KWallet password, it then creates a system wallet, which stores those passwords. My personal Wallet is seperate, and I have to add it to the Wallet manager manually on new systems, unless I merely install a new system (kubuntu , mageia, Linux Mint KDE, SuSE I suspect, would all just work for me, but require that my personal wallet be connected to the manager), which means my KDE config file stays intact in my home directory.

So the issues you are having seem quite strange to me. But I've not used SuSE since 1999.
Ridcully

Mar 30, 2013
2:41 AM EDT
Thanks Tracy.....I'll give it a try and see if I can set up a system wallet......What you have said above sounds perfectly logical to me and probably is the underlying reason. If it is, I'll get back to you.....And if it is, then I am rather irritated with the KMail and KWallet "powers that be"......this particular aspect has been holding me back for at least a year with respect to openSUSE. I am intrigued though and I hope you're right.
Ridcully

Mar 30, 2013
6:02 AM EDT
Hi Tracy..........and here are the results. I was able to get into the KWallet manager. I then deleted the previous wallet and set up a new one which I called system and its password was set to my login password. Okay. I then opened KMail and it immediately whinged for want of a password in order to receive emails. Fine, I then set the correct Bigpond client password which was happily accepted. Emails could then be received.

I then logged out and restarted the computer......and guess what......The KMail client again demanded that I insert the password to open the wallet.......Once that was done, yes, it could then receive emails. However, the way this thing appears to be set up in openSUSE is that you MUST insert a password before you can get KMail to receive emails, even if the correct password is set inside the accounts window. There does not appear to be any way around it.

Tracy, this is complexity and nausea for complexity's sakes as far as I am concerned and a dreadful indightment on the KMail and KWallet team as far as I am concerned. It really, really angers me......Right now in openSUSE 11.4, I have a superb KMail system. I can use KWallet or not use it, as I choose......and I choose not to use it because the results are so simple and easy to use. The KMail and KWallet developers have apparently put in place a system in which you cannot start your email reception unless you put in your password.......Okay......that's how it is. But for a single user not on any network, this is a step backwards.

I shall try to contact the KMail team and see what I get.
Ridcully

Mar 30, 2013
6:27 AM EDT
Tracyanne.........you are gonna LOVE this one. I have fought my way to a successful conclusion, but I am not sure it is perhaps the most.........ummmmm........correct way.

Okay.......here is what I have done. I have set up a "system" wallet and I have ensured that KMail can use the password stored in it. No matter what I tried, if I gave the wallet a password, I had to enter that password in order to get into the wallet to allow KMail to access the Bigpond email server........SO........I figured that if I gave the Wallet a blank password, would that stop the nonsense.........and indeed it did. I changed the password to just "return", but still retain my correct password for the Bigpond email server..........and .......KMail now just works........no need to put in a password each time you use it.......I have probably disobeyed all the laws of security......but it does what I want. Comment ? But, hey........I really HAVE now got KMail doing what "I" want it do do.
Fettoosh

Mar 30, 2013
8:19 AM EDT
Quoting:I figured that if I gave the Wallet a blank password, would that stop the nonsense.........and indeed it did.


I am calling KDE support to let them know that KMail has Big Big security hole by accepting a blank password. :-)

Ridcully

Mar 30, 2013
8:45 AM EDT
@Fettoosh.......it is NOT KMail, it's KWallet that has the security hole. But the whole stupid mess comes about because the KMail-KWallet combination is forcing single users onto a multi-user status. And in that sense, and as far as I am concerned, the KMail developers need their heads knocked against a brick wall for removing the simple single user password situation that existed in earlier versions of KMail. You might like to pass that on as well.

Update......The password for KMail has always been and currently is the special password used for getting into my email server at Telstra-Bigpond. I cannot change that and of course it will NOT accept a blank password, nor did I ever try to do that. What I did was give the KWallet a blank entry password so that it automatically opened and allowed access to the encrypted password for KMail and Telstra-Bigpond......KMail is NOT, repeat NOT at fault.....other than the stupidity of forcing everybody onto KWallet.
Fettoosh

Mar 30, 2013
9:07 AM EDT
My bad, I wasn't really focusing when I read you detailed procedure. Good thing you figured it out where it should have been in documentation somewhere. I assume you thoroughly looked. :-)

Ridcully

Mar 30, 2013
9:21 AM EDT
No worries Fettoosh.....I am not even sure this is a security hole for KWallet. You can make the opening of any wallet as difficult or as easy as you choose, but the password is still encrypted and protected as far as I know and this is a situation that is really only applicable to a single user. As I understand the current situation, you could make the wallet opening password a single digit or letter......I chose to make it blank so that it opened automatically under the system and allowed KMail access to its necessary password at any time. What I did find was that even if I set KWallet settings so that KMail had access at any time, it still forced insertion of the password to open the Wallet. That may in fact be a bug as the Wallet does not seem to be reacting the way it should be according to the settings.
Fettoosh

Mar 30, 2013
10:10 AM EDT
You have found quite a bit of helpful information that I am sure will come in handy for me when I decide to use KMail & KWallet. I am sure they also would be beneficial to others. Thanks

In regards to the validity of blank password in KWallet, in the setup you outlined, does KWallet still prompt for a password and a "Enter/Return" is required? And do you suppose or possibly the developers intentionally made that available as a feature?

cmost

Mar 30, 2013
10:59 AM EDT
All that ranting and raving...you're going to give yourself a stroke. Instead, set Kwallet's password to be blank and then tick the box to "always allow access" whenever any application tries to use Kwallet. Better yet, use Thunderbird. Problem solved. Geesh!
Fettoosh

Mar 30, 2013
11:22 AM EDT
Quoting: Instead, set Kwallet's password to be blank and then tick the box to "always allow access" whenever


Don't you think you are a little too late? If you have been following the thread and have known that, you wouldn't have had to be so blunt.

tracyanne

Mar 30, 2013
5:27 PM EDT
Well that's odd, this situation must only apply on SuSE, or perhaps not Ubuntu based distros, or mabe not Distros i've used. I just checked the wallet that holds my network wireless passwords it requires a password to open it, and yet I've never been asked to supply that password unless I'm adding or removing a wireless connection.

On start up my machine automagically connects to my wifi router, supplying the correct password in the process. I am never asked to supply a password for the wallet that contains that password. I have never had the problem you complain of Tony.
Ridcully

Mar 30, 2013
5:48 PM EDT
Yes, Tracy, it's a weird one, but solved as far as I am concerned. It means that at last I can use KMail the way I have always used it in the latest versions of openSUSE......but it has taken about two years of sheer frustration to reach this point and I got it by sheer good luck, fluke or happenstance. If "cmost's" comment was a serious one however, it seems that my eventually found solution is already known.......but if so, it is the most "untalked about one" in the circle of Linux discussion and debate that I normally frequent. However, I did a quick search and it is already on the web and in this case it was to do with Ubuntu:

http://www.kubuntuforums.net/showthread.php?46478-KWallet-wi...

So "setting a blank password for the Wallet" isn't a security problem, it's a widely known and acceptable way of allowing software access to the stored passwords. I also want to thank you especially too. If you hadn't triggered my deeper interest in this matter and sorta kinda forced me to really "play" with KWallet, I'd still be very frustratedly chasing a solution to the KMail and KWallet link.

@Fettoosh.....mea culpa....I looked at your second last post again and realised I had not given the courtesy of a reply. Okay, as far as my investigations go, once you set the Wallet's password to a "return" or "blank", software that needs to access the Wallet in order to get at a password stored inside the Wallet (and in my case it is only KMail) doesn't ever ask you for the Wallet opening password again.....or at least that is how it seems to be.

Posting in this forum is limited to members of the group: [ForumMods, SITEADMINS, MEMBERS.]

Becoming a member of LXer is easy and free. Join Us!