tomclegg.net


Diary
Examples
    256-router
    adzap
    apache-double-reverse
    cacti-adodb-php4
    debian-quota
    diskonmodule
    dollarsperbyte
    dynip
    ezmlm-linux
    fbsdhabits
    freebsdclone
    macbook-quantal-sound
    maildirpop3d-awfulhak
    mandy
    md
    mrtg
    net-snmp
    nodefaultroute
    oracle9i
    oracle9i-bsd5
    oracle9i-client
    oracle9i-nat
    php-cgi
    php-commandline
    php-image
    php-kics
    php-mini_httpd
    pinouts
    pizzaperdollar
    plesk-symlink-php
    pxe
    qmail-linux
    qmail-qfilter
    racoon-sonicwall
    redundant-vpn
    rewriterule
  >seahorse-workaround<
    setting-locale-failed
    smalldog
    snmpv3-cacti
    spamassassin
    squid-tproxy
    supfile
    suse73
    svc-nmbd
    svc-smbd
    svc-smtpd
    toyotastereo
    vm
    vn-file
    wmp-invalid
    xcode-remote-install
    xen-eth0-renamed
    xen-monowall
    xen3-ubuntu-dapper
    zz-update-grub-fail
Hire Tom
Mostly Mozart
Patches
School
Scrapbook
Software
Telephones




colocation
comments
davidireland
edsgranola
faq
funsites
goodlooking
goodmovies
google-earth-saucy-amd64
houserules
liberating
resume
resume2
scratch
shopping
snacks
todo
university
warisbogus

Force gnome to use ssh-agent instead of gnome-keyring-daemon
Posted March 31, 2009

Problem

For some reason, ubuntu intrepid's gnome setup uses an SSH agent that is incapable of forgetting passphrases. This is a fatal flaw.

It also has a strange bug that causes it to claim to have the use of a protected key, even if you have never given it your passphrase.

Fortunately, the "ssh-agent" program we've been using for years is still here, and it still works very well.

Solution

Add this to the end of your .bashrc file in your home directory.

if [ -n "$SSH_AUTH_SOCK" \
    -a "${SSH_AUTH_SOCK::13}" = "/tmp/keyring-" \
    -a ! -L "$SSH_AUTH_SOCK" ]
then
    OLD_AUTH_SOCK="$SSH_AUTH_SOCK"
    eval `ssh-agent`
    mv "$OLD_AUTH_SOCK" "$OLD_AUTH_SOCK"~
    ln -sfn "$SSH_AUTH_SOCK" "$OLD_AUTH_SOCK"
    SSH_AUTH_SOCK="$OLD_AUTH_SOCK"
fi

Everything in your gnome environment will now connect to your working ssh-agent instead of your broken gnome-keyring-daemon.

Add your key to ssh-agent so you don't have to type your passphrase every time the key is used:

ssh-add

Forget passphrases so your passphrase-protected keys can't be used while you're away from your computer:

ssh-add -d