You are not logged in.
Recently, my computer started having an annoying issue: When I first boot and enter my password in SDDM, I get a bunch of dialogs asking for passphrases to my SSH keys. Whether I enter the correct one or click cancel, the next time I boot it asks for it again. After I dismiss all the dialogs (I have several SSH keys) finally i3 begins to startup.
I have KDE installed, which I hardly use as a DE, but I do use some components like Kmail which brings in akonadi and kwallet appears to store some of my application passwords, which is fine.
I didn't use to have this issue, but recently my kwallet key got messed up so I had to remake them, and this seems to have started after that. I'm not sure if it's related.
There is nothing in my i3 config about ssh. I have some SSH agent stuff in my fish conf.d/ files, but the dialogs show up when I enter my password in SDDM, before i3 even starts up, let alone me opening a shell.
I also tried going into kwallet and deleting my SSH passwords from there. Yet I still get the dialogs.
Even more annoyingly, "systemctl restart sddm" is not enough to trigger the issue. I have to reboot, and the dialogs show up only on the first login.
Anyone know how to solve this?
Last edited by lfitzgerald (2022-10-22 17:59:46)
Offline
Of course as soon as I post it, I discover something else.
I have a ~/.config/fish/conf.d/ssh-agent.fish which is supposed to initialize ssh agent with my keys, *when I start a new shell*. I had the hunch that maybe fish runs it on login as well. So I removed the file, rebooted, and no more dialog.
The problem is though that I still need to prevent this behavior while having the ssh-agent start with the shell.
Offline
Why would you want ssh-agent to run whenever you start a new shell?
Fish doesn't seem to split profile and rc, but you can test the login status:
https://wiki.archlinux.org/title/Fish#Start_X_at_login
Alternatively, start https://wiki.archlinux.org/title/SSH_ke … stemd_user
Offline
Why would you want ssh-agent to run whenever you start a new shell?
To be clear, ssh-agent.fish is idempotent, it doesn't start a new ssh-agent process if there's one running already. I assume this was the confusing part?
Fish doesn't seem to split profile and rc, but you can test the login status:
https://wiki.archlinux.org/title/Fish#Start_X_at_login
Ah! I had not realized that the login runs my shell before my WM comes up. In retrospect it's kind of obvious
. After fiddling with it a bit, I had some success with this:
# Hacky workaround for being prompted to enter SSH passes during login
# https://bbs.archlinux.org/viewtopic.php?pid=2063185
if pgrep i3 > /dev/null
set -x SSH_ASKPASS (which ksshaskpass)
end
# start ssh-agentI believe it works because with SSH_ASKPASS unset, on my system, ssh-add silently fails (and I can login unmolested). From your link, I've learned about the "status" command, so I can just have my ssh-agent.fish return "if not status --is-interactive".
Alternatively, start https://wiki.archlinux.org/title/SSH_ke … stemd_user
Well, I have my dotfiles set up in such a way that I use my fish config on other OSes also (like Macs). So the systemd way would not be portable. But I suppose it's not the end of the world to just have different ssh-agent configs for each OS. And maybe it's better to decouple the ssh-agent from my choice of shell, since I use other ones also.
I'll mark this solved now. Hopefully there's enough info to help anyone else who later finds it.
Offline