KDE Plasma

Base KDE Plasma packages for the full Plasma experience. Bundle with other packages to prevent package conflicts providing the same functionality.

TIP: Include any and all packages you want installed in a list to pacman. That way pacman will resolve package dependencies correctly and not install packages that would cause conflicts with other packages later on in the setup; e.g. the plasma group installs pulseaudio as a dependency of plasma-pa, but pulseaudio and pipewire (see below) are conflicting packages, meaning they can't both be installed at the same time prompting you to remove one or the other. Explicitly selected packages take precedence over packages auto-selected via dependencies.

pacman -S plasma plasma-wayland-session kde-applications

Setting up the display manager

The plasma package group includes the Simple Desktop Display Manager (SDDM) for signing into KDE Plasma sessions and others.

Enable SSDM to start on boot and present a graphical login interface:

systemctl enable sddm

SDDM uses the X11 keymap to determine the input method for the keyboard. Change the default keymap with localectl:

NOTE: Executing this command while chrooted into an installation will produce an error that the locale could not be found. Set after rebooting the system, press CTRL + ALT + F3 when SDDM shows up (or any F-key between 2 and 7) to switch tty, log in via the command line and execute the command as root.

localectl set-x11-keymap de

KDE Wallet

KDE Wallet is the integrated password manager and secret store of KDE Plasma. It stores passwords to websites, WiFi networks, network shares, SSH keys and more.

Unlock Wallet automatically on login

To automatically unlock your wallet on login, the kwallet-pam package provides the necessary PAM modules (already part of the plasma package group).

There are several caveats to consider:

Only blowfish encryption is supported
Wallet can only be unlocked if the autologin method saves the password, e.g. when using pam_autologin
Wallet cannot be unlocked when logging in with a fingerprint
Wallet must be named kdewallet (default name)
Disabling automatic closing of Wallet may be desired to keep it from asking for the password after every use
When choosing to secure Wallet with a password it must match the user account password

Automatic unlocking can also be achieved by setting no password. Do keep in mind, however, that this could lead to potentially undesired read/write access to your secrets. Enabling Prompt when an application accesses a wallet under Access Control is highly recommended.

When setting up with SDDM as display manager (default for Plasma) no further PAM configuration is necessary, as the config comes with SDDM.

Storing SSH key passphrases in Wallet

KDE Wallet can be used to store passphrases for SSH keys and have a KDE prompt appear asking for the password.

To also automatically unlock the SSH keys a SSH agent needs to be set up and running.

The openssh package (since version 9.4p1-3) comes with a systemd user unit to start the SSH agent on login regardless of a graphical session running:

NOTE: This needs to be run as the user you set up earlier, without sudo.

systemd enable --user ssh-agent

The user unit creates a Unix socket for other applications to communicate with the agent. For these applications to know this socket, the SSH_AUTH_SOCK environment variable needs to be set. This can be achieved via user-specific systemd environment variables.

On login, systemd parses *.conf files in ~/.config/environment.d/ and sets environment variables from these. Environment variables are set in a KEY=VALUE fashion.

Create a new file ~/.config/environment.d/ssh_agent.conf:

SSH_AUTH_SOCK=$XDG_RUNTIME_DIR/ssh-agent.socket

Additionally, to have a KDE dialog box appear in case the passphrase is not stored in your Wallet, point the SSH_ASKPASS environment variable to the ksshaskpass application (also included in the plasma package group):

SSH_ASKPASS=/usr/bin/ksshaskpass
SSH_ASKPASS_REQUIRE=prefer

Chromium-based browsers

To make Chromium-based browsers (Google Chrome, Microsoft Edge, Brave, Opera, etc.) use Wallet as a password store launch it with --password-store=kwallet5 or --password-store=detect.

To make this launch argument persistent, add it to the "flags" file for the Chromium-based browser you want to use:

Browser	Path
Chromium	`~/.config/chromium-flags.conf`
Google Chrome	`~/.config/chrome-flags.conf`
Google Chrome DEV	`~/.config/chrome-dev-flags.conf`
Vivaldi	`~/.config/vivaldi-stable.conf`

See also: Making flags persistent on Arch Wiki

Misc additional packages

Additional packages you might want:

Name	Description
`freerdp`	Support for the Remote Desktop Protocol used for remote login to MS Windows machines
`kimageformats`	Support for additional image formats in Dolphin and Gwenview
`flatpak`	Support for installing applications as Flatpak packages from Flathub through Discover
`fwupd`	Firmware update manager; allows UEFI capsule updates in Discover if supported by firmware
`packagekit-qt6`	Manage Arch packages in Discover

Preparations

Booting the installation medium

Extra: Installing via SSH

Understanding Linux file systems

Singular file system

Singular file system (LUKS, encrypted)

Encrypt non-root devices (LUKS)

LVM + dm-cache (unencrypted)

LVM on LUKS (encrypted, Laptop)

LUKS on LVM (encrypted, cached, Desktop)

Base System

Time Zone & Locale

Network

Root Password

sudo

zsh

Add User

AUR Helper

initramfs

zram

Secure Boot

Boot Loader

Graphics Cards

Sound

Bluetooth

Printing

Trusted Platform Module

Universial 2nd Factor (U2F)

GNOME

KDE Plasma

Spell checking

Fonts

Polkit

Firefox

Google Chrome

Apostrophe

Discord

Blu-ray

Node.js (nvm)

KVM

Folding@Home

Timeshift

Snapper

Wine

Steam

DOSBox

ScummVM

OpenRCT2

CorsixTH

ioquake3

DXX-Rebirth

Minecraft

Sim City 3000

UT2004 (Atari DVD Release Version)

DBus

KDE Plasma Themes

Latte Dock

Additional Packages

zsh configuration

Plymouth

Reinstall preparation

Qt Wayland

Removing unused packages (orphans)

Restore Secure Boot Keys, Bootloader, LUKS TPM Key after Firmware update

WARNING: Possibly missing firmware for module during initrd generation

Python Applications Stop Working

Discover does not offer system package updates

Fonts in GNOME Flatpak apps are not anti-aliased on non-GTK desktops

KDE Plasma

Setting up the display manager

KDE Wallet

Unlock Wallet automatically on login

Storing SSH key passphrases in Wallet

Chromium-based browsers

Misc additional packages