Setup⌗

This is how I got it working on my Ubuntu (19.10) desktop.

First of all, login to your desktop under gnome and add your ssh key with

ssh-add

You should get a popup asking you for your password rather than the one in the terminal.

Enter your ssh key passphrase and it should save it to your keyring.

To view your keyrings contents, you can use a program called seahorse which you can install on Debian/Ubuntu with

apt-get install seahorse

In your home directory, create a file called .profile with the contents

case "$DESKTOP_SESSION" in
    i3)
        export $(gnome-keyring-daemon --start)
        ;;
    sway)
        export $(gnome-keyring-daemon --start)
        ;;
esac

Now logout of gnome and login with i3 or sway.

Testing⌗

Once you are logged in, check if the SSH_AUTH_SOCK environment variable is set with

> env | grep SSH_AUTH_SOCK
SSH_AUTH_SOCK=/run/user/1000/keyring/ssh

It should look similar to the above, however the 1000 may be a different number depending on your users specific user id.

If it is a file under /tmp then check if ssh-agent is running as that may be overwriting the SSH_AUTH_SOCK environment variable when it starts up.

Now you should be able to use ssh with key authentication without having to unlock your key manually.

Debugging⌗

You can use logger to make sure that .profile is actually getting executed at login for example add the line

logger ".profile was read"

Then login and check /var/log/syslog to make sure “.profile was read” is in the logfile using cat, grep or journalctl

Reference⌗

[“Gnomes interaction with PAM”:https://wiki.gnome.org/Projects/GnomeKeyring/Pam]