IntelliJ was failing to save my GitLab API token. Every time I tried to add or update my GitLab account in Settings, the operation would silently fail or timeout. The IntelliJ logs showed repeated warnings:
WARN - #c.i.c.RemoteCredentialStore - Timeout while waiting for credentials
Root Cause
On Fedora (and other Linux distributions with GNOME), IntelliJ stores credentials in the system’s native keyring via the freedesktop.org Secret Service API. The GNOME Keyring was locked, preventing any credential storage.
This happened because I was connected via SSH - the keyring normally unlocks automatically when logging into a desktop session, but SSH sessions don’t trigger this.
Diagnosis
Check if the keyring is locked:
dbus-send --session --print-reply \
--dest=org.freedesktop.secrets \
/org/freedesktop/secrets/collection/login \
org.freedesktop.DBus.Properties.Get \
string:'org.freedesktop.Secret.Collection' \
string:'Locked'
Output boolean true means locked.
Solution
Unlock the keyring from the command line by entering your login password:
read -s -p "Password: " pass && echo -n "$pass" | gnome-keyring-daemon --unlock && unset pass
After running this, IntelliJ was able to save the GitLab token.
Why This Happens
- GNOME Keyring encrypts secrets and requires unlocking
- Desktop login normally unlocks it automatically via PAM
- SSH sessions bypass the desktop login flow
- The keyring can also lock after extended idle periods
Verification
After unlocking, verify the keyring is accessible:
dbus-send --session --print-reply \
--dest=org.freedesktop.secrets \
/org/freedesktop/secrets/collection/login \
org.freedesktop.DBus.Properties.Get \
string:'org.freedesktop.Secret.Collection' \
string:'Locked'
Output should now be boolean false.
Alternative: Use KeePass Storage
To avoid keyring issues entirely, configure IntelliJ to use KeePass:
- Settings → Appearance & Behavior → System Settings → Passwords
- Select “In KeePass” instead of “In native Keychain”
- Choose a location for the encrypted KeePass file
This stores credentials in a local encrypted file rather than the system keyring.