Re: SSH private keys?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 06/22/2018 07:54 AM, Berend De Schouwer wrote:

On Fri, 2018-06-22 at 07:37 -0400, Jeffrey Ross wrote:

At one point Fedora had something (keyring?) that would allow me to
unlock my SSH private keys and it would keep the unlocked key
available
so I could ssh without having to unlock my key every time.  I
typically
run a simple "terminal" window and then "ssh <hostname>" since my key
is
not retained unlocked I'm prompted for a password.

Fast forward to today, the system had been reinstalled (new
hardware,
new disks, etc) and I no longer have that ability.  I'm currently
runn
Fedora 28 and the desktop is "Gnome", I'm sure it is just a matter
of
installing/configuring/running the correct application.... but which
one?

You're *probably* missing the gnome-keyring package.

you'll need:
- ssh-agent (to remember)
- an app that processes your passphrase (gnome-keyring or pinentry-gtk)

ssh-agent is part of openssh-clients.  It's usually run by gnome-
keyring-daemon.  Look in the process list for it.  It should be
running.

ssh-add is a cli app that will let you add the key and trigger a
passphrase without a GUI.

You can see if a key is being remembered by running 'ssh-add -l'

gnome-shell should prompt for the key (the prompt will be themed like
gnome-shell), but so can pinentry/pinentry-gtk (themed like a Gtk2 app)
_______________________________________________


ok, I used the two commands -

eval "$(ssh-agent -s)"
ssh-add ~/.ssh/id_rsa
and this works for the one terminal shell I entered the commands in, any other terminal I either need to re-run the commands in that shell or unlock my private key when I type ssh <hostname>
not sure if putting the commands in the rc file to run would be the best thing to do, I suspect I'll have to unlock every time I open a new window, plus this is not what I remember, I remember (maybe incorrectly) getting a graphical dialogue box asking me to unlock my key. 

Jeff
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx/message/3F34ORCFYOJUHP4BOLFXVHX444TKFVO7/
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux