7

I just updated my ssh key and added a passphrase, however it constantly nags me for it now, such as when I do a git (or mercurial hg) push. ssh-agent is running:

xxx  1303  1118  0 09:16 ?  00:00:00 /usr/bin/ssh-agent
   /usr/bin/dbus-launch --exit-with-session 
   /usr/bin/im-launch mate-session

I tried ssh-add:

> ssh-add
Identity added: /home/…/.ssh/id_rsa (/home/…/.ssh/id_rsa)
Enter passphrase for /home/…/.ssh/id_ed25519: 
Could not add identity "/home/…/.ssh/id_ed25519": 
    communication with agent failed

What is missing? 16.04 Ubuntu Mate, in case it matters.

Gringo Suave
  • 708
  • 6
  • 18

1 Answers1

8

Edit 2018:

This was resolved in gnome-keyring by wrapping ssh-agent recently so the workarounds should not be needed anymore and everything should work out of the box.

Original workarounds for older systems:

/run/user/1000/keyring/ssh is path of Gnome keyring (seahorse), which does not support Ed25519 keys. There are two possibilities:

  1. Do not use ED25519 keys and use RSA (which should be good enough)

  2. Run real ssh-agent in your startup scripts (~/.xsession) using

     eval `ssh-agent`
Community
  • 1
Jakuje
  • 6,505
  • 7
  • 30
  • 37
  • Interesting that seahorse does not support this. Is there an issue for this? – Alex Nov 22 '16 at 21:11
  • 2
    There is a bug about this in GNOME bugzilla for almost three years: https://bugzilla.gnome.org/show_bug.cgi?id=723274 – Jakuje Nov 22 '16 at 21:54
  • 1
    .xsession didn't seem to work, looks like gnome-keyring clobbers ssh-agent: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775189 – Gringo Suave May 03 '17 at 19:15
  • For testing purpose you should be able to start the agent manually/in `~/.bashrc`. It just overwrites the environment variable set by gnome-keyring. Similar way should be possible in some of the X startup scripts (not too familiar in these waters). Though implementing ed22519 should not be too hard since it is already available in libgcrypt. If I will have time, I will have a look into that. – Jakuje May 03 '17 at 19:21
  • This was resolved in gnome-keyring by wrapping ssh-agent recently. – Jakuje May 21 '18 at 09:19