Automatically unlock KeePass database with GNOME Keyring

_.md

(Tested with KeePassXC on Fedora 25)

By default when using GNOME Keyring you have a keyring that is unlocked when you log in (usually called "Login"). You can make use of that by storing a KeePass database password in this keyring and using it to automatically unlock your KeePass database.

Store the KeePass database password in GNOME Keyring. You'll have to set a label and at least one attribute/value pair. The label is displayed in a GNOME keyring manager (e.g. Seahorse), the attribute/value pair should be a unique identifier because it's needed for the lookup. I suggest to use keepass as attribute and the database name as value (make sure it doesn't contain any spaces).

secret-tool store --label="KeePass <database_name>" keepass <database_name>

Then create a script to launch and immediately unlock your KeePass database.

#!/bin/bash

secret-tool lookup keepass <database_name> | keepassxc --pw-stdin /path/to/<database_name>

You can now use this script to launch KeePass with your database already unlocked. I recommend to create a desktop launcher for more convenience.

This works for me on Ubuntu Linux in that it starts KeePassXC and unlocks the database. But there's still a prompt to enter a password in the terminal window, and the script doesn't proceed. Any thoughts?

@Organic-Marble Sorry for the late message, I found that switching the order of the argument works:
keepassxc /path/to/<database_name> --pw-stdin
So the command should read:
secret-tool lookup keepass <database_name> | keepassxc /path/to/<database_name> --pw-stdin