On Sat, 2018-06-23 at 16:40 -0400, Jeffrey Ross wrote:
>
> On 06/22/2018 07:54 AM, Berend De Schouwer wrote:
> > On Fri, 2018-06-22 at 07:37 -0400, Jeffrey Ross wrote:
> > > At one point Fedora had something (keyring?) that would allow me
> > > to
> > > unlock my SSH private keys and it would keep the unlocked key
> > > available
> > > so I could ssh without having to unlock my key every time. I
> > > typically
> > > run a simple "terminal" window and then "ssh <hostname>" since my
> > > key
> > > is
> > > not retained unlocked I'm prompted for a password.
> > >
> > > Fast forward to today, the system had been reinstalled (new
> > > hardware,
> > > new disks, etc) and I no longer have that ability. I'm currently
> > > runn
> > > Fedora 28 and the desktop is "Gnome", I'm sure it is just a
> > > matter
> > > of
> > > installing/configuring/running the correct application.... but
> > > which
> > > one?
> >
> > You're *probably* missing the gnome-keyring package.
> >
> > you'll need:
> > - ssh-agent (to remember)
> > - an app that processes your passphrase (gnome-keyring or pinentry-
> > gtk)
> >
> > ssh-agent is part of openssh-clients. It's usually run by gnome-
> > keyring-daemon. Look in the process list for it. It should be
> > running.
> >
> > ssh-add is a cli app that will let you add the key and trigger a
> > passphrase without a GUI.
> >
> > You can see if a key is being remembered by running 'ssh-add -l'
> >
> > gnome-shell should prompt for the key (the prompt will be themed
> > like
> > gnome-shell), but so can pinentry/pinentry-gtk (themed like a Gtk2
> > app)
> > _______________________________________________
> >
>
> ok, I used the two commands -
>
> eval "$(ssh-agent -s)"
> ssh-add ~/.ssh/id_rsa
>
> and this works for the one terminal shell I entered the commands in,
> any
> other terminal I either need to re-run the commands in that shell or
> unlock my private key when I type ssh <hostname>
>
> not sure if putting the commands in the rc file to run would be the
> best
> thing to do, I suspect I'll have to unlock every time I open a new
> window, plus this is not what I remember, I remember (maybe
> incorrectly)
> getting a graphical dialogue box asking me to unlock my key.
There used to be a bug running an agent under Wayland, which resulted
in lost environment variables. The bug was fixed a long time ago.
To counter that bug, I used to add the following to ~/.bashrc. It
might help you if you plan to start ssh-agent from there:
if [ ! -n "${SSH_AUTH_SOCK}" ] && \
[ -r "/run/user/${ID}/keyring/ssh" ]; then
export SSH_AUTH_SOCK="/run/user/${ID}/keyring/ssh"
fi
Note: I haven't tested this in at least a year.
Possibly related: if you recovered an ancient ~/.bashrc or profile from
backup on F28, please try the stock ones. They're in /etc/skel/
_______________________________________________
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org/message/5QF3HTQ7XYAQ2Q7Y26LQY3YZDAFLZDKK/
