Running ssh-add at the command line no longer unlocks the ssh keys properly on my system (Ubuntu 11.10 with Unity). Even after I've run ssh-add, when I ssh to a server, I get a dialog box popping up to ask me for my ssh key passphrase. After that things work as expected.
ssh-agent is running. When I first log in:
$ ps -ef | grep ssh-agent
mish 1853 1818 0 18:55 ? 00:00:00 /usr/bin/ssh-agent /usr/bin/dbus-launch --exit-with-session /usr/bin/gnome-session --session=ubuntu
How can I unlock the ssh key properly without having to ssh to a server? (Manually triggering the ssh key dialog window would be OK as a solution, but I don't know how to do that).
My use case is that I use tmuxinator and want to set up multiple ssh connections. So I want the ssh key unlocked. Otherwise all the ssh key dialog boxes all pop up and I have to enter my passphrase multiple times. Or I can ssh somewhere before launching tmuxinator, but the connection is slow here, so that just adds friction. So I want to unlock the ssh key before launching tmuxinator, without having to ssh somewhere first.
Edit
Just tried logging out and logging back in again. Then I did:
$ env | grep -i ssh
SSH_AGENT_PID=8693
SSH_AUTH_SOCK=/tmp/keyring-Ho4cfE/ssh
$ ssh-add -D
All identities removed.
$ ssh-add -l
1024 b8:12:34:56[...]:19 name@computer (DSA)
$ ssh-add
Enter passphrase for /home/name/.ssh/id_dsa:
Identity added: /home/name/.ssh/id_dsa (/home/mish/.ssh/id_dsa)
$ ssh-add -l
1024 b8:12:34:56[...]:19 /home/name/.ssh/id_dsa (DSA)
1024 b8:12:34:56[...]:19 name@computer (DSA)
0 mish@mishtop:~$ ssh server
At which point I am again asked for my passphrase by the GUI dialog box. Frustrating ...
It's also interesting that after "All identities removed" that ssh-add -l still shows an identity. That confuses me. And there does only appear to be one ssh-agent running.
Edit 2:
I found a bug on launchpad about this: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/841672
However this question was about finding a workaround rather than asking why it didn't work, so I hope the question can stand.
Edit 3:
Nothing unusual in /etc/ssh/ssh_config - I haven't touched it. I do have a ~/.ssh/config but that is just ports and usernames.
I watched what processes were running when the dialog popped up, and it was /usr/lib/gnome-keyring/gnome-keyring-prompt-3, launched by /usr/bin/gnome-keyring-daemon --daemonize --login I tried launching the prompt from a terminal but nothing happened. So still stuck.
Not a direct answer to the above question, but a work around for the core problem:
Stop gnome-keyring ssh-agent from starting. Then ssh-agent, ssh-add and ssh works as expected. (Or at least as I expect).
To stop gnome-keyring ssh-agent from starting do:
Edit
This does launch a graphical prompt for my ssh password, but a different one to the one that actually allows ssh to use the ssh key. Even after I've done this, I still get a GUI prompt popping up to ask for my ssh key passphrase :/
See Edit 3 in the question above for more.
Original
I found a way to trigger it in the end. I created
~/bin/gssh-addand put the following in it:I then make it executable:
And then I launch it using Alt+F2. That triggers the gnome dialog box.
Note that if you run
gssh-addfrom the terminal it will not trigger the gnome dialog box. See the ENVIRONMENT section of the ssh-add man page for details as to why.Don't forget that your 'somewhere' need not be remote:
That's how I usually do it.
(I then type
^Dat the new shell prompt to throw it away and drop back to my old one. If you don't mind the extra keystrokes, a command likessh localhost trueis a tidier alternative.)Of course, this only works on systems that request SSH keys (e.g. after using
ssh-copy-id), but from your question it sounds like you've probably got that already.