headers
Chris Green | 13 Dec 2011 14:57

How to get default key/passphrase to work in xubuntu?

I run xubuntu 11.04 on my desktop system and have several ssh logins to
systems on my LAN and a couple further afield.

A couple of versions ago (10.04 I think it was) I manually cobbled
together various fixes and workarounds so that my login password was
also the default passphrase to unlock my ssh keys and thus my logins
worked with no further requests for the passphrase.

I'm now trying to get this to work again in xubuntu 11.04 and would
appreciate some help.

I suspect I need to clear my workarounds out and start with a clean
slate! :-)

What I need to know is what has to be installed (and what shouldn't be
installed) for this to work.  Then what do I need to set up to get my
login password to be used as the ssh default passphrase?

Currently I seem to have too many agent[like] things running:-

    chris     5776     1  0 12:21 ?        00:00:00 ssh-agent -s
    chris     5884     1  0 12:21 ?        00:00:00 /usr/lib/policykit-1-gnome/polkit-gnome-authentication-agent-1
    chris     3934     1  0 11:48 ?        00:00:00 /usr/bin/gnome-keyring-daemon --daemonize --login
    chris     5683     1  0 12:21 ?        00:00:00 /usr/bin/gnome-keyring-daemon --daemonize --login

I think I know why there are two gnome-keyring-daemon processes but I'm
not quite sure what starts that ssh-agent.

Remember this is an xubuntu system so the start-up sequence isn't wholly
standard gnome.
(Continue reading)

Permalink | Reply |
headers
Stef Walter | 14 Dec 2011 15:05
Picon

Re: How to get default key/passphrase to work in xubuntu?

On 2011-12-13 14:57, Chris Green wrote:
> What I need to know is what has to be installed (and what shouldn't be
> installed) for this to work.  Then what do I need to set up to get my
> login password to be used as the ssh default passphrase?

I have no idea how much of this XFCE or XUbuntu sets up by default.
Here's how this is done in GNOME:

 1. Setup pam_gnome_keyring in your display manager pam configs.
    From your ps output it seems like this is being done
 2. Start gnome-keyring-daemon correctly in the startup. Either
    through a custom script or via the standard xdg autostart
    mechanism.
 3. Make sure you're using gnome-keyring's SSH agent. Enabled
    by default, but can be toggled using gnome-session-properties.
 4. You will be prompted for your SSH key passwords, type them the
    first time and choose the option to automatically unlock the
    keys whenever you're logged in.

This all works by default in GNOME, but if you need help replicating
this with you custom setup I can help via IRC. I'm often on #keyring on
gimp.net.

Cheers,

Stef
Permalink | Reply |
headers
Chris Green | 14 Dec 2011 15:24

Re: How to get default key/passphrase to work in xubuntu?

On Wed, Dec 14, 2011 at 03:05:46PM +0100, Stef Walter wrote:
> On 2011-12-13 14:57, Chris Green wrote:
> > What I need to know is what has to be installed (and what shouldn't be
> > installed) for this to work.  Then what do I need to set up to get my
> > login password to be used as the ssh default passphrase?
> 
> I have no idea how much of this XFCE or XUbuntu sets up by default.
> Here's how this is done in GNOME:
> 
>  1. Setup pam_gnome_keyring in your display manager pam configs.
>     From your ps output it seems like this is being done
>  2. Start gnome-keyring-daemon correctly in the startup. Either
>     through a custom script or via the standard xdg autostart
>     mechanism.

>  3. Make sure you're using gnome-keyring's SSH agent. Enabled
>     by default, but can be toggled using gnome-session-properties.

I managed to prevent ssh-agent from starting up and I do have an
SSH_AUTH_SOCK environment variable pointing at the gnome-keyring-daemon
process so that's all in place.

>  4. You will be prompted for your SSH key passwords, type them the
>     first time and choose the option to automatically unlock the
>     keys whenever you're logged in.
> 
Aha!  This is the bit that was missing.  I think I may also have managed
to clear out some junk on the way so that this now works.  On my system
the option is hidden until you click on Details and, in addition, until
recently the "automatically unlock the keys ..." option was greyed out.
(Continue reading)

Permalink | Reply |

Gmane