SDDM is the default desktop manager for Plasma. However, it has one major issue that has annoyed me for a while now.

On my GNOME setup, if I type a password to decrypt my partition earlier on in the boot process through sd-encrypt, the password gets cached in the kernel keyring. This password is then passed onto GDM who then uses it to unlock my GNOME keyring and auto-logins into GNOME.

But on my KDE setup, this isn’t possible. SDDM doesn’t support the above-described feature of fetching the cached password from the kernel keyring. So even if you setup auto-login, you end up having to unlock the keyring manually.

After looking around for a solution, I looked into how GDM does it. And I found pam_gdm.so. I looked at the code of pam_gdm and realized its pretty small and isn’t dependent on GDM. It is however dependent on keyutils, which is usually installed by default anyway.

So here’s what I did:

  1. Took pam_gdm.so from /usr/lib/security in my GNOME setup and copied it to the same directory in my KDE setup.
  2. Edited /etc/pam.d/sddm-autologin and added a line with auth optional pam_gdm.so before the line saying -auth optional pam_gnome_keyring.so.
  3. Ran systemctl edit sddm and typed in: 
    [Service]
KeyringMode=inherit
  4. Enabled auto-login by configuration file as shown in the ArchWiki. You can also enable it on SDDM preferences in Plasma Settings.
  5. Made sure I was using the sd-encrypt hook.

On my next boot, I only had to type in my password once and I got to boot right into my KDE setup.