2250704 – GNOME ssh agent not working in Rawhide

Bug 2250704 - GNOME ssh agent not working in Rawhide

Summary: GNOME ssh agent not working in Rawhide

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	gcr
Sub Component:
Version:	rawhide
Hardware:	All
OS:	Linux
Priority:	unspecified
Severity:	high
Target Milestone:	---
Assignee:	Matthias Clasen
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2023-11-20 17:25 UTC by Adam Williamson
Modified:	2023-11-21 18:43 UTC (History)
CC List:	8 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2023-11-21 18:43:24 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Adam Williamson 2023-11-20 17:25:46 UTC

In current Rawhide, GNOME's ssh agent functionality isn't working. Every time I try and ssh anywhere from within GNOME, I get a terminal prompt for the key passphrase. The way this should work is that the *first* time I ssh somewhere I get a GNOME prompt for the passphrase, and it should then store it for future re-use within the same session.

Kalev pointed out that this is likely related to https://src.fedoraproject.org/rpms/gnome-keyring/pull-request/7 and the https://fedoraproject.org/wiki/Changes/ModularGnomeKeyring Change more broadly. In light of that, some info:

* I have gcr3-3.41.1-6.fc39.x86_64 and gcr-4.1.0-2.fc39.x86_64 installed
* gcr3 provides /usr/libexec/gcr-ssh-askpass but no agent
* gcr provides /usr/libexec/gcr-ssh-agent and /usr/libexec/gcr4-ssh-askpass
* gcr also provides a gcr-ssh-agent.service and a gcr-ssh-agent.socket , but both appear to be disabled and inactive:

[adamw@xps13a os-autoinst-distri-fedora (main %)]$ systemctl --user status gcr-ssh-agent
○ gcr-ssh-agent.service - GCR ssh-agent wrapper
     Loaded: loaded (/usr/lib/systemd/user/gcr-ssh-agent.service; disabled; preset: disabled)
    Drop-In: /usr/lib/systemd/user/service.d
             └─10-timeout-abort.conf
     Active: inactive (dead)
TriggeredBy: ○ gcr-ssh-agent.socket
[adamw@xps13a os-autoinst-distri-fedora (main %)]$ rpm -ql gcr | grep sock
/usr/lib/systemd/user/gcr-ssh-agent.socket
[adamw@xps13a os-autoinst-distri-fedora (main %)]$ systemctl --user status gcr-ssh-agent.socket
○ gcr-ssh-agent.socket - GCR ssh-agent wrapper
     Loaded: loaded (/usr/lib/systemd/user/gcr-ssh-agent.socket; disabled; preset: disabled)
     Active: inactive (dead)
   Triggers: ● gcr-ssh-agent.service
     Listen: /run/user/1000/gcr/ssh (Stream)

Comment 1 Adam Williamson 2023-11-20 17:27:21 UTC

starting the service and socket manually within a running GNOME session doesn't seem to help, I still just get a console prompt.

Comment 2 Daiki Ueno 2023-11-21 01:04:26 UTC

I would say it needs more coordination to switch over to gcr-ssh-agent on Fedora (e.g., how to propagate SSH_AUTH_SOCK, to automatically enable it at preset, ...); I propose re-enable ssh-agent support in gnome-keyring until they are done.  See https://src.fedoraproject.org/rpms/gnome-keyring/pull-request/9

Comment 3 Adam Williamson 2023-11-21 01:34:07 UTC

that would definitely help delay my going insane, yes...thanks :)

Comment 4 Adam Williamson 2023-11-21 18:43:24 UTC

OK, https://koji.fedoraproject.org/koji/buildinfo?buildID=2322906 got this working again, thanks.

Note You need to log in before you can comment on or make changes to this bug.