How to set up ssh connection to another system using "Passwords and Encryption Keys"?

Chris G cl at isbd.net
Fri Dec 18 16:54:16 UTC 2009 

On Fri, Dec 18, 2009 at 11:10:01AM +0000, Chris G wrote:
> > 
> > If the correct key (or keys) have been copied, then you should be able
> > to use SSH to access the remote system without providing the password
> > for the remote system.
> > 
> Yes, I understand the ssh basics.  In addition I can now confirm that
> seahorse does its job correctly, creates the keys and puts them in the
> right places.  What *doesn't* work at all is gnome-keyring-daemon
> which is supposed to replace ssh-agent.  It's all very broken on my
> xubuntu 9.10 system and I suspect it's not much different on ubuntu 9.10.
> 
> There are two problems.  Firstly by default (I think) you end up with
> both ssh-agent *and* gnome-keyring-daemon running which is decidedly
> not a good idea.
> 
> So I've configured ssh-agent not to run.  It then turns out that
> gnome-keyring-daemon isn't set up to work as a ssh-agent replacement,
> I'm still working on getting that side of things working.  I have now
> at least got to the stage where running ssh pops up a window asking
> for my ssh key passphrase.  What I'm ultimately after is getting it
> all to work completely transparently using my login password as the
> ssh key passphrase.

I've finally got it all working.  :-)

It doesn't actually need a *lot* of fixes/changes/workarounds.

Basically (if I have remembered it all) the changes are:-

    Delete "use-ssh-agent" from the file /etc/X11/Xsession.options,
    this prevents ssh-agent from starting which you don't want because
    gnome-keyring-daemon is trying to do teh same thing.

    Add the following to your .profile (or .xprofile, or whatever is
    needed to get it to run after you log in)

        eval $(gnome-keyring-daemon --start)
        export SSH_AUTH_SOCK
        export GNOME_KEYRING_SOCKET

That's it, I then deleted the existing Passwords entries I had in
"Passwords and Encryption Keys" and set up an ssh key in My Personal
Keys for ssh login to other systems.  Log out, log back in again and
when you ssh to a system you have set up it asks for the passphrase to
the ssh key and, when you have entered it, asks if you want to store
it in the login keyring, say 'yes' and you're there.

Most of my pain was because it's difficult to follow how it's all
supposed to work and there's very little good documentation.  Then,
given that there's a bug in it, it becomes really painful to sort out.

The bug (or several closely related ones) *has* been reported, that's
what set me on the trail to getting it to work for me.

-- 
Chris Green

More information about the ubuntu-users mailing list