Introduction:
Organizations may sometimes require storing the generated token in a local keyring. However, errors may occur during this process. This document outlines the steps to enable the pass keyring and resolve such issues.
Problem:
"Error opening "pass" keyring: Specified keyring backend not available”
Important note:
This Kb is tested on Ubuntu. Please take a look at the OS-specific documentation for Pass installation.
Solution:
1: Install pass keyring.
sudo apt-get install pass
2:- Initialize the keyring.
pass init “pass keyring storage”
3:- Now try to authenticate using boundary and save the generated token into the pass keyring.
root@demo-controller-1:~# boundary authenticate password -login-name=admin -auth-method-id=ampw_5cAd4akI9G -keyring-type=pass -token-name=demo
Once authentication is successfully done, the Boundary will store the token in the pass keyring and display the msg.
Authentication information:
Account ID: acctpw_rPkCZbZ8bt
Auth Method ID: ampw_5cAd4akI9G
Expiration Time: Thu, 23 Jan 2025 09:40:04 UTC
User ID: u_BdBPQQK8pA
The token name "demo" was successfully stored in the chosen keyring and is not displayed here.
4:- Pass command to list saved tokens.
root@demo-controller-1:~# pass
Password Store
└── HashiCorp_Boundary
├── admin
├── demo
5:- How to retrieve the saved token from pass keyring.
root@demo-controller-1:~# boundary config get-token -keyring-type pass -token-name demo.
at_Mc3d0mjuYl_s1jP83RZVnqHNuAR2k6mqK2WE4JgCPJ8jbVEmtzcrWyUMc98QXVEZmKmuFC2Kh2vho1pq9WwXo3n4L68kYbTfJXQ1fVBeCPF8gNQj9zrXQkhF3GqGCHB