in Linux #Arch Linux #GNOME

Fix for gnome-keyring 46.0+ disabling ssh-agent

A breaking change landed on my Arch Linux system the other day, revealing itself when trying to use git. Usually something like this would wind up in the Arch Linux home page. Not this time.

Booting up on a Monday after my end of the week update, I was trying to push some code and was greeted with an unexpected password prompt:

% git push
Enter passphrase for key '/home/josh/.ssh/id_rsa':

Not thinking much of it, I entered my password, and went about my business.

Then it happened again, and again, and again.

Realizing something was wrong, I checked to see which identities were loaded by the SSH agent, and got another fun error:

% ssh-add -l
Could not open a connection to your authentication agent.

Well that's not good, not good at all.

I was able to sorta get things working again, but nothing that would persist across terminal sessions, let alone a reboot.

What had happened was...

The SSH functionality that was once baked into gnome-keyring was moved to gcr which is some crypto library.

Unfortunately, it doesn't seem like Arch Linux had a an automatic migration path for this. Fortunately, it doesn't take much to get things moving again. For now at least, as I'm unsure if this is a stopgap or not.

Migrating to gcr-ssh-agent

To get things working again, you need to enable a systemd service:

% systemctl enable --user gcr-ssh-agent.socket

Then point SSH_AUTH_SOCK to the gcr SSH agent:

export SSH_AUTH_SOCK=$XDG_RUNTIME_DIR/gcr/ssh

That last part, you'll want to add to your shell profile, otherwise you need to run it in every terminal session.