My obligatory Ubuntu ssh-agent post

There has been much wailing and gnashing of teeth regarding the default SSH/GPG agent in Ubuntu (the GNOME 3 “Passwords & Keys” app). It has several shortcomings and lacks some of the functionality that the standard tools have.

There seem to be many blog posts, Server Fault questions and bug reports floating around about this. So I thought I’d post the solution that worked for me. To be clear, this is on Ubuntu 17.10. Reference here

First, stop the GNOME keyring SSH agent from starting up in the first place. ~/.config/autostart/gnome-keyring-ssh.desktop should look like this:


[Desktop Entry]
Type=Application
Name=SSH Key Agent
Comment=GNOME Keyring: SSH Agent
Exec=/usr/bin/gnome-keyring-daemon --start --components=ssh
OnlyShowIn=GNOME;Unity;MATE;
X-GNOME-Autostart-Phase=PreDisplayServer
X-GNOME-AutoRestart=false
X-GNOME-Autostart-Notify=true
X-GNOME-Bugzilla-Bugzilla=GNOME
X-GNOME-Bugzilla-Product=gnome-keyring
X-GNOME-Bugzilla-Component=general
X-GNOME-Bugzilla-Version=3.20.1
X-GNOME-Autostart-enabled=false
X-Ubuntu-Gettext-Domain=gnome-keyring
Hidden=true

The important lines here are:

X-GNOME-Autostart-enabled=false
Hidden=true

Next, hook up systemd to start ssh-agent for this user:

systemctl --user add-wants default.target ssh-agent.service

This has the effect of creating a link in your home dir:

~/.config/systemd/user/default.target.wants/ssh-agent.service -> /usr/lib/systemd/user/ssh-agent.service

The systemd unit looks like this:

[Unit]
Description=OpenSSH Agent
Before=graphical-session-pre.target
ConditionPathExists=/etc/X11/Xsession.options

[Service]
ExecStart=/usr/lib/openssh/agent-launch start
ExecStopPost=/usr/lib/openssh/agent-launch stop

Finally, add your key(s) using ssh-add.
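To confirm that all three steps took effect, here is a small check script, added as an example and not part of the original post. The function names are made up for illustration, and it assumes GNOME Keyring's agent socket sits in a directory named keyring, so any other SSH_AUTH_SOCK path is treated as a different agent.

```shell
#!/bin/sh
# Added example (not from the original post): one check per step above.

# Step 1: the autostart override must carry both "important lines".
desktop_entry_disabled() {
    [ -r "$1" ] || return 2
    grep -qx 'X-GNOME-Autostart-enabled=false' "$1" &&
        grep -qx 'Hidden=true' "$1"
}

# Step 2: add-wants leaves a symlink under <config dir>/systemd/user.
agent_unit_wanted() {
    [ -L "$1/systemd/user/default.target.wants/ssh-agent.service" ]
}

# Step 3: classify the socket path found in SSH_AUTH_SOCK.
# Assumption: GNOME Keyring's socket lives in a ".../keyring/" directory.
socket_owner() {
    case "$1" in
        '') echo unset ;;
        */keyring/*) echo gnome-keyring ;;
        *) echo other ;;
    esac
}

report() {
    cfg=$HOME/.config
    rc=0
    if desktop_entry_disabled "$cfg/autostart/gnome-keyring-ssh.desktop"; then
        echo "ok:   keyring SSH autostart is disabled"
    else
        echo "FAIL: autostart override missing or incomplete"; rc=1
    fi
    if agent_unit_wanted "$cfg"; then
        echo "ok:   ssh-agent.service is wanted by default.target"
    else
        echo "FAIL: no default.target.wants/ssh-agent.service link"; rc=1
    fi
    owner=$(socket_owner "${SSH_AUTH_SOCK:-}")
    echo "info: SSH_AUTH_SOCK=${SSH_AUTH_SOCK:-} ($owner)"
    [ "$owner" = other ] || rc=1
    # ssh-add -l exits 2 only when no agent answers on the socket.
    ssh-add -l >/dev/null 2>&1
    [ $? -ne 2 ] || { echo "FAIL: no agent reachable"; rc=1; }
    return $rc
}

# Run the checks only when asked, e.g. `sh check-agent.sh --check`.
if [ "${1:-}" = "--check" ]; then report; fi
```

Run it from a fresh login session, since both the autostart override and the systemd user unit only apply at login.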

Happy SSH'ing!

 