Unlock all private keys on Ubuntu, entering password only once at login
I login to Ubuntu 12.04 using a password. Later on, when I use my browser(Chrome), I'm asked for a password to unlock the keychain so that the browser can access my saved credentials for various websites (it's the same password). Also, whenever I use SSH to connect to other computers using my private key, I am prompted for the same password to unlock my private key.
How can I make it so that I am asked for my password exactly once per login (given that my login password is the same as the one I use for all my private keys)? One important requirement: all of my private keys should have a password. This means that I will have to type in one password on login, which will unlock some key which in turn decrypts the passwords for all other keys (which are also unlocked). It also means that if someone else gets access to my private keys, they will not be able to use them without at least one password.
Probably someone will try to label this question as a duplicate of this question, this question, or this question. While these questions are similar, none of them explicitly say that there still needs to be a password entered on login, as I am demanding here. As a result, the accepted solutions just say "set your passwords to blank"--I don't want that, it's dangerous! So I am aware of the similar questions, but none of them has received the correct answer yet, because they are slightly different.
1) After Creating the Public Key By Following,
The first step involves creating a set of RSA keys for use in authentication. This should be done on the client. To create your public and private SSH keys on the command-line:
mkdir ~/.ssh
chmod 700 ~/.ssh
ssh-keygen -t rsa
You will be prompted for a location to save the keys, and a passphrase for the keys. This passphrase will protect your private key while it's stored on the hard drive and be required to use the keys every time you need to login to a key-based system:
Generating public/private rsa key pair.
Enter file in which to save the key (/home/b/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/b/.ssh/id_rsa.
Your public key has been saved in /home/b/.ssh/id_rsa.pub.
2) You must add your private key (might be not secure) but still you can do this,
ssh-add ~/.ssh/id_rsa
Source From Ubuntu Wiki.
Go to System / Preferences / Passwords and Encryption Keys to see your keyrings.
All the keys / passwords you want to unlock when you login must be in the login keyring.
If they are in other keyrings, delete them, and next time you are asked for the password there should be an option in the pop-up window to store it in the login keyring. (I think you cannot just copy from one to another, you need to delete.)
Depending on your case things may be slightly more different. If the above doesn't work then please attach a screenshot of the pop-up window you get with all advanced options expanded.
Set your keyring password to be the same as your log-in password, not blank. This will achieve your goal of unlocking the keyring on log-in, and will keep the keyring itself protected with a password as well. This is in fact, the default behavior for a new setup, so likely you changed your password at some point, or specifically set a different password on your keyring. Change one or the other so they both match, and everything will unlock when you log in.