GNOME ssh askpass not working in 3.20?

Paul Smith paul at
Sun Jun 12 21:21:33 UTC 2016

On Sun, 2016-06-12 at 16:53 -0400, Paul Smith wrote:
> On Sat, 2016-06-11 at 12:31 -0400, Paul Smith wrote:
> > This morning I updated my Ubuntu GNOME 16.04 LTS system to GNOME 3.20
> > using the Gnome3 Staging PPA.
> > 
> > One issue is that somehow ssh is not longer asking for my passphrase
> > using ssh-askpass.  Instead it always asks on the terminal and I need to
> > enter it each time (it's not added to ssh-agent).  I didn't change
> > anything about my personal configuration except install the GNOME 3.20
> > packages and reboot.
> > 
> > If I run "ssh-add" by hand, then the key is added to the agent and it
> > works properly, so the agent is running and configured properly.  It's
> > only the ssh-askpass connection thing that is busted.
> > 
> > Anyone have any thoughts, or pointers to what I should look for?
> _However_, at work my SSH_AUTH_SOCK value is set to
> /run/user/$UID/keyring/ssh while at home my SSH_AUTH_SOCK is set
> to /tmp/ssh-PYYRVK6N9zlP/agent.$SSH_AGENT_PID
> If I change my SSH_AUTH_SOCK at home to be set to the same thing as at
> work (that socket does exist, I checked), then everything works right!
> So it seems that somehow during the upgrade to GNOME 3.20, the
> startup/login sequence has been modified such that the "standard" ssh-
> agent's value of SSH_AUTH_SOCK is taking precedence over the gnome-
> keyring version of that variable (at least I assume something in GNOME
> is creating the /run/user/.../ssh socket and maintaining it).

OK, I found this Debian bug which exactly describes my situation:

I checked with journalctl and discovered that I see the same warning
during session start described in that bug:

Jun 12 15:55:00 mysys org.a11y.Bus[2490]:  ** (process:2639): WARNING **: Failed to register client: GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name org.gnome.SessionManager was not provided by any .service files

Later on in journalctl I do see this:

Jun 12 15:55:09 mysys gnome-keyring-ssh.desktop[2778]: SSH_AUTH_SOCK=/run/user/1000/keyring/ssh
Jun 12 15:55:09 mysys gnome-keyring-pkcs11.desktop[2779]: SSH_AUTH_SOCK=/run/user/1000/keyring/ssh
Jun 12 15:55:09 mysys gnome-keyring-secrets.desktop[2786]: SSH_AUTH_SOCK=/run/user/1000/keyring/ssh

but it apparently isn't taking effect, at least not in gnome-shell
(where is where all my terminals are started from).  I'm going to ask on
a GNOME-specific mailing list and see what people say.

More information about the Ubuntu-GNOME mailing list