Ssh-agent session

English Install/Boot/Login
1

Hi,

II’ve read some posts on it here and there but with ubuntu it worked with that script in bashrc but here, it is not working really. What I want is to not using my ssh passphrase everytime I want to use ssh.
I use openwrt on my router so I use pretty often an ssh session and it asks me my passphrase cause I uploaded a key in the config (id_ed25519) , here what I used with ubuntu:

#bashrc
if [ ! -S ~/.ssh/ssh_auth_sock ]; then
  eval `ssh-agent`
  ln -sf "$SSH_AUTH_SOCK" ~/.ssh/ssh_auth_sock
fi

So do you have an idea what I could add to fo the same with Open Suse?
thanks

2

What desktop environment are you using?

In my experience, “ssh-agent” is automatically started when I login to KDE (plasma-x11), but not when I use KDE-Wayland. And it is automatically started with Gnome (X11 or Wayland).

3

I have kde plasma. X11

4

In that case, “ssh-agent” should be automatically started at login – assuming that the directory ~/.ssh exists. That’s what happens here.

5

yes it does, but I need to enter my passphrase each time for my session

6

I have something similar to what you are using, but with plasma-Wayland. When using Xorg, “ssh-agent” is started before your “.bashrc” is called.

7

wayland is working ok with tumbleweed and kde?

8

ok so, maybe I could add my scripts somewhere else? Cause as i said, it worked with ubuntu in bashrc

9

In more detail, this is in a VM running Krypton (to test Plasma 6). And yes, Wayland is doing fine with Plasma 6.

Plasma 6 should be officially released pretty soon now, and is likely to show up in regular Tumbleweed within a few weeks.
In that Krypton VM, I put my script in ~/.config/plasma-workspace/env which is probably the best place when using KDE.

On my normal desktop, I usually stay logged in, so I only need to enter my passphrase once per reboot. In the VM session, I logout and login after a plasma 6 update, so it is nice to not have to reenter my passphrase when I next login…

1 Like
10

seems to work now, what I did id ;

in .profile I’ve add ;

if [ ! -S ~/.ssh/ssh_auth_sock ]; then
  eval `ssh-agent`
  ln -sf "$SSH_AUTH_SOCK" ~/.ssh/ssh_auth_sock
fi

and I created .bash_logout
and added:

if [ -n "$SSH_AUTH_SOCK" ] ; then
  eval `/usr/bin/ssh-agent -k`
fi
11

This condition is wrong. SSH agent implementation is free to use any path and you have to check whether SSH_AUTH_SOCK is set and looks sensible.

bor@bor-Latitude-E5450:~$ env | grep SSH
SSH_AGENT_LAUNCHER=gnome-keyring
SSH_AUTH_SOCK=/run/user/1001/keyring/ssh
bor@bor-Latitude-E5450:~$

And in KDE X11 session

bor@uefi:~> env | grep SSH
SSH_AUTH_SOCK=/tmp/ssh-XXXXXXUNoM1M/agent.1391
SSH_AGENT_PID=1460
SSH_ASKPASS=/usr/libexec/ssh/ssh-askpass
bor@uefi:~> ps -fwwp 1460
UID        PID  PPID  C STIME TTY          TIME CMD
bor       1460  1391  0 20:21 ?        00:00:00 /usr/bin/ssh-agent /usr/bin/gpg-agent --sh --daemon --keep-display /usr/libexec/xinit/xinitrc
bor@uefi:~>

You likely start the second instance of SSH agent.

12

here what I have;

:~> env | grep SSH
SSH_AUTH_SOCK=/tmp/ssh-XXXXXXv7MHOo/agent.24842
SSH_AGENT_PID=24843
SSH_ASKPASS=/usr/libexec/ssh/ssh-askpass

but what is your advice ?

13

And as expected KDE Wayland does not have SSH agent because it is started by xinit machinery which is not used in Wayland session.

You problem is not that SSH agent does not run, but that it does not have and private keys. You need to explicitly add keys you want to use with ssh-add.

14

I have my keys (id_ed25519) in .ssh

15

Invest some time in reading man ssh-agent and some tutorials. In particular, pay attention to

     The agent initially does not have any private keys.  Keys are added using ssh-add(1) or
     by ssh(1) when AddKeysToAgent is set in ssh_config(5).
1 Like