I have two Arch Linux machines with virtually identical setup, both running /usr/bin/gnome-keyring-daemon --daemonize --login. They both have the same SSH secret key, but only one of them has the public key. On the host with the public key the GNOME Keyring daemon works fine – I can SSH to other machines without any prompts as expected. On the host without the public key it seems GNOME Keyring ignores that I've already entered the passphrase, and I'm prompted every time:
$ ls ~/.ssh/id_rsa.pub
ls: cannot access /home/user/.ssh/id_rsa.pub: No such file or directory
$ ssh some-host exit
Enter passphrase for key '/home/user/.ssh/id_rsa':
$ ssh other-host exit
Enter passphrase for key '/home/user/.ssh/id_rsa':
It also does not list the identity, even after entering the passphrase:
$ ssh-add -l
The agent has no identities.
After copying over the public key on a hunch I'm no longer prompted for a passphrase. After subsequently removing the public key again the symptom is back. Is there a reason for this behaviour, or is it simply a bug?
Best Answer
From the GNOME Keyring documentation SSH Agent page:
So GNOME Keyring will load id_rsa only if a corresponding id_rsa.pub exists.
You can generate one with ssh-keygen from the private key file.
If you don't want GNOME Keyring to load id_rsa automatically, you have to remove id_rsa.pub.
I can't find any technical reasons for why this convention was chosen but it's not a bug.
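A way to check a machine for the condition this answer describes, added here as an example and not part of the original answer or of GNOME Keyring: it lists private keys with no .pub sibling and can re-derive the missing file with OpenSSH's `ssh-keygen -y -f`. The function names `keys_missing_pub` and `restore_pub` are hypothetical, and it assumes private keys are PEM-style files whose first line is a `-----BEGIN ... PRIVATE KEY-----` header.

```shell
#!/bin/sh
# Added example (not from the original answer): find SSH private keys that
# have no matching .pub file next to them, and optionally regenerate it.

# Print each private key in directory $1 (default ~/.ssh) lacking <name>.pub.
keys_missing_pub() {
    dir=${1:-$HOME/.ssh}
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        case $f in *.pub) continue ;; esac
        # Assumption: a private key starts with a PEM "PRIVATE KEY" header,
        # so config, known_hosts and similar files are skipped.
        head -n 1 "$f" 2>/dev/null | grep -q -e '^-----BEGIN .*PRIVATE KEY-----' || continue
        [ -f "$f.pub" ] || printf '%s\n' "$f"
    done
}

# Derive the public half of key $1 and write it to $1.pub.
# ssh-keygen -y asks for the passphrase if the key is encrypted.
restore_pub() {
    key=$1
    if [ -e "$key.pub" ]; then
        echo "refusing to overwrite $key.pub" >&2
        return 1
    fi
    # Write to a temporary file first so a failed run leaves no empty .pub.
    tmp=$(mktemp "$key.pub.XXXXXX") || return 1
    if ssh-keygen -y -f "$key" > "$tmp"; then
        chmod 644 "$tmp" && mv "$tmp" "$key.pub"
    else
        rm -f "$tmp"
        return 1
    fi
}

# Usage: sh script.sh report   list keys that have no .pub file
#        sh script.sh fix      regenerate the missing .pub files
case ${1:-} in
    report) keys_missing_pub "$HOME/.ssh" ;;
    fix)    keys_missing_pub "$HOME/.ssh" |
                while IFS= read -r k; do restore_pub "$k"; done ;;
esac
```
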