View previous topic :: View next topic |
Author |
Message |
eponymous Tux's lil' helper
Joined: 02 Feb 2005 Posts: 141
|
Posted: Wed Mar 20, 2013 3:57 pm Post subject: [solved] gvfs not working with ssh-agent |
|
|
Hi,
I've got Gnome installed and want to connect to a remote server directory over SSH using ECDSA private keys. Since gnome-keyring doesn't support ECDSA I've removed it from the "run at startup" list from Gnome. Instead, when I log in, I run:
Code: |
ssh-add ~/.ssh/id_ecdsa
|
That way I get prompted to enter my passphrase when I log in and it adds the keys to OpenSSH agent.
From the command line I can SSH into my machine without being asked for a passphrase.
However if I do:
Code: |
gvfs-mount sftp://user@machine/home
|
I always get "permission denied" as if it isn't even trying use the keys held in ssh-agent.
This happens even with DSA or RSA keys.
If I re-enable gnome-keyring at startup, then it will work with RSA/DSA keys (asking for a passphrase) but obviously this doesn't work with ECDSA.
I have this working just fine in Xubuntu so I don't know what is different on my Gentoo install.
Last edited by eponymous on Fri Mar 22, 2013 6:49 pm; edited 1 time in total |
|
Back to top |
|
|
eponymous Tux's lil' helper
Joined: 02 Feb 2005 Posts: 141
|
Posted: Fri Mar 22, 2013 5:10 pm Post subject: |
|
|
Ok so I got a bit further with this.
It seems gvfsd is not looking at my SSH_AUTH_SOCK.
If I start "gvfsd -r" in a shell with SSH_AUTH_SOCK set properly then it works.
So what I need to know is how can I set SSH_AUTH_SOCK at startup so the environment that gvfsd runs in will pick it up?
I gues this implies that ssh-agent needs to run before gvfsd as well. Is that possible? |
|
Back to top |
|
|
eponymous Tux's lil' helper
Joined: 02 Feb 2005 Posts: 141
|
Posted: Fri Mar 22, 2013 6:49 pm Post subject: |
|
|
Solved:
Adding:
Code: |
eval `/usr/bin/ssh-agent`
|
to my /etc/lightdm/Xsession script fixed the problem.
This ensures that ssh-agent is started and that the variables are exported before any of the other services like GVFS are started. |
|
Back to top |
|
|
|