Jabref keeps asking for a "wallet" to encrypt data?

The last few times I have booted Jabref I get a series of windows asking for various “wallet” apps to choose the encryption method?? I have no need to encrypt my Jabref data and don’t use a “wallet” in my research machine. I have to keep cancelling a series of windows that are asking ffor perhaps different wallet apps?? Eventually it does close the window, but it’s time consuming.

I tried to look in Preferences to see if there is a way to toggle the inquiries to “off” . . . when I clicked on Prefs, again the windows opened asking for “blowfish” or something else, so it seems to be connected to Prefs, but could not see where to toggle that series of questions off??

Hi,

the “wallet” or keyring stuff refers to the secure storage of API keys for fetchers or for example for the AI Providers.

OK, thanks for the reply. I’m only searching Pubmed for the most part, I don’t think there are any API keys that go along with that?? No AI providers??

Can I turn off this request, OR I just need to pick something “blowfish” or “CPG” to make it go away??

We thought a little bit about that, the window pops up probably because we test on startup if there is a keyring available to store passwords. This may toggle automatically the keyring app in your os to open or complain.
Are you maybe using a proxy and decided to persist the password for it in the preferences?

Please check also if custom api keys for fetchers should persist:

Thank you for checking and reporting.
Carl

OK, checked those out, not using any proxies, so my network settings look like what you have posted.

And the web search looks the same . . . I do not have the “persist api keys between sessions” box checked.

Ok, then there must be another check somewhere on startup. The problem is, the dialog comes not from JabRef, but from kwallet, your kde integrated password manager, which also manages all the other secrets on your machine. The first time it is called, it is trying itself to open a wallet, which does not exist at this moment, if you never used kwallet before.
The dialog should vanish though once you have created a wallet. You should be able to continue to work then.

1 Like

That’s funny . . . as largely there are no “secrets” on my machine. And in the Pop_OS! system, which was upgraded a couple months back I had to go to GNOME DE . . . I don’t have Plasma installed as an optional DE in that system.

So, also, yes, did not create a “wallet,” or used kwallet. The problem with the dialogs is that there are 4 or so windows that are asking the same question, so far I cancel out of each of them each time I launch Jabref.

It gives me the two choices “Classic Blowfish” or GPG?? Is one better than the other? I don’t have “disk encryption” or any other encryptions . . . should I go “Classical” or “GPG” in my kwallet creative processes??? : - 0

I have no clue about KDE, but I am interested in the place where the store is asked to do something.

Can you start JabRef with --debug?

(Our docs unfortunately don’t have more information than that Command line use and options | JabRef)

And then share the excerpt of the log file so that we can hopefully trace down where it happens.

Happy to check anything out, but I would need the precise command that you are requesting to see. When I ran: $ jabref --debug Command 'jabref' not found, but can be installed with: sudo apt install jabref
I then ran it as sudo, and got the same response. I launched Jabref and ran the command again and got the same “you can install it.”

I saw a thread on the openSUSE forum where a gent was having similar problems with kwallet, possibly on his phone . . . and I came up with the idea of, “Can I remove kwallet” from my system to get rid of this problem?? Haven’t had a moment to run that in my Pop system to check out my idea . . . eliminate the source of the problem, etc.

Hi,

for linux you probably need to run it like this from terminal:
<your jabref install path>/JabRef/lib/runtime/bin/JabRef --debug

1 Like

Thanks for making that a bit more clear . . . I was at work last night when I was replying to this thread, as that is often the case when I launch Jabref . . . lots of talking students . . . .

I did click on that link which brought me to the “command line” wiki . . . but couldn’t find the clear space in thought to pick the command to run.

The “” would be my /home user name like “/Home/esteelpaz/Jabref/xxxxxx”??? Or something else?? What I thought was interesting is that Jabref wouldn’t launch from the console, and instead offered to install it???

I used GDebi to install the downloaded Jabref 6xx?? package, but after that I don’t believe I made any decisions on where to install it??

Is locate available on ubuntu and working?

1 Like

/opt/jabref/bin/JabRef --debug

1 Like

I use openSUSE and have had trouble with this too, but the problem is related to KWallet and not specific to openSUSE or JabRef. I read a bunch of threads and bug reports trying to understand and fix it, because I use KDE Plasma and wanted to store my PubMed API key.
I used to get an error message when JabRef launched that it could not access the secret service (or secrets service, or whatever the correct name is). I no longer have the error, but have not been able to add API keys to the web search preferences. This is with the development version of JabRef.
I might be able to help troubleshoot more after refreshing my memory, and maybe with some help from the maintainers. Like you, I was not deliberately using the keyring, but found that some apps on my system do use it – Network Manager does, I think.

One thing I recall is that KWallet did not support the secret service until fairly recently, so a lot of people use Gnome keyring or KeepassXC.

1 Like

There are API keys for PubMed. Using a key increases your rate limit and, if I am not mistaken, also the number of records you can retrieve at once.

1 Like

Thanks for the reply and the links to those other threads . . . the “customapikeys” error is one of the four that I get as well.

So, as far as Pubmed goes I do it the old fashioned way, one citation at a time. I had to go through their “log in.gov” password process . . . which I’m not sure if I am even logging in to Pubmed these days . . . . I use Jabref to search the PMID number . . . and add it in . . . slowly and carefully.

I haven’t had time to try to remove kwallet yet, because it isn’t called “kwallet” it’s something like “lib234kwallet” . . .

Oliver K:

So I ran that command, thanks for sharing . . . it looked like only a small amount of data, but when I went to copy it it turned out to be 38 pages of Libre Office Writer produced document. What should I do with this document?? Compress it and upload it here?? Or there is a site of choice where I can upload it for a brief period of time??? I don’t know whether that doc would take up any more space than a screenshot . . . ??? Point is, I have the data, and in the process of running that command, the 4 “please make a decision” windows opened and I cancelled them, leading up to loading the Jabref app . . . .

The overlapping names of related libraries, services, and apps are very disorienting. As I understand it, the keyring or wallet is essentially a “password manager” for your apps (not necessarily for you). Where the keys are stored and the service that provides access to them are different components. In KDE Plasma on openSUSE, the GUI app is called KWalletManager and the library that provides the “secrets service” is called libsecret-1-0.
If you have not already tried it, you could just go with the prompts and create a wallet. I think this will get rid of the pop-ups even if JabRef can’t access the wallet (the problem I used to have).
I chose GPG and the default wallet, named “kdewallet”. I also tried Blowfish (weaker encryption) and a non-default wallet. Neither of those made any difference.

2 Likes

So that is the question, which is the avenue of least resistance?? To “create” the wallet . . . or try to remove the wallet manager???

Perhaps if Pubmed would at some point want an API key ring, then I guess just setting it up as perhaps “GPG” . . . and then forget about it??

The question I have is why your gnome-based system has KDE kwallet installed instead of gnome keyring. JabRef doesn’t install it, so presumably kwallet is either a dependency or the default for your distro. In any case, creating a wallet should eliminate the pop-up, like Carl pointed out. I would vote for creating a wallet and forgetting about it. This way

  • kwallet will remain available to other apps that might use it (now or later)
  • You won’t have to remember later what to reinstall if you change your mind about using API keys for AI in JabRef
  • You can easily uninstall kwallet any time, and if you want, replace it with gnome keyring (which also uses the “secrets” service).
2 Likes