Short guide for pam_kwallet with KDE Plasma 5 on openSUSE

pam_kwallet-guide.md

(based on these two blog entries and inspired by Fedora-Blog)

First install pam_kwallet:

sudo zypper in pam_kwallet

Then edit the files /etc/pam.d/passwd, /etc/pam.d/login and /etc/pam.d/sddm as follows, i.e. add the lines beginning with a - (the hyphens are valid PAM syntax to reduce log entries if these PAM modules should not exist) and ending with the ### comment:

/etc/pam.d/passwd :

#%PAM-1.0
auth     include        common-auth
-auth optional pam_kwallet5.so kdehome=.local/share  # Add this line
account  include        common-account
password include        common-password
session  include        common-session

/etc/pam.d/login :

#%PAM-1.0
auth     requisite      pam_nologin.so
auth     include        common-auth
account  include        common-account
password include        common-password
session  required       pam_loginuid.so
session  include        common-session
#session  optional       pam_lastlog.so nowtmp showfailed
session  optional       pam_mail.so standard
-session optional pam_kwallet5.so auto_start  # Add this line

/etc/pam.d/sddm :

#%PAM-1.0
-auth optional pam_kwallet5.so kdehome=.local/share  # Add this line
auth     include        common-auth
account  include        common-account
password include        common-password
session  required       pam_loginuid.so
session  include        common-session
-session optional pam_kwallet5.so auto_start  # Add this line

Now log out and in again to see if you do not have to type in your kwallet password.

Just hit the same problem after upgrading to LEAP 15.1 and libgcrypt20-1.8.2-lp151.8.1.

Exact commands to downgrade to v 1.8.2-lp150.5.3.1 and lock the broken version can be found here.