I babysit a number of servers for local businesses. Most of them are gateway servers, running CentOS-based software (SME Server or Nethserver), but also a few Ubuntu servers (I’m not a fan of Ubuntu, but its too complicated at this stage to change to something else…). As a result, I use SSH a great deal. For security reasons, none of the servers allow password authentication - all are paired-key only.
Under Xfce, I normally go to Settings > Session and Startup > Advanced and enable loading Gnome services at startup. Which means that ssh-agent is loaded when I log in and remains active for the current session. Easy and secure.
In Endevour, I did the same thing. But the ssh-agent does not work the same way. I can’t remember having to do anything else on any other system I’ve used in recent years. Looking at running processes, I see a difference between what my stock Arch install and Endevour seem to be running.
[paul@orion ~]$ ps ax | grep ssh
585 ? Ss 0:00 /usr/bin/sshd -D
738 ? Ss 0:00 /usr/bin/ssh-agent -s
1029 pts/1 Z+ 0:00 [ssh] <defunct>
1993 ? Ss 0:00 sshd: paul [priv]
1995 ? S 0:00 sshd: paul@pts/3
2001 pts/3 R+ 0:00 grep ssh
While I can use ssh-agent manually, I’ve been using the automated loading method for so long that I keep forgetting to do so, then end up with problems if I use something like Filezilla to make an SSH connection to one of the servers.
Can anyone tell me what I’m missing? Everything I can think of seems to be in place, and ssh-agent is running, but not in the same manner that it is running under stock Arch.
@toothandnail
Sorry I took so long to get to this.
As XFCE is not my cup of tea, I got out my trusty latest version ISO I have and installed EndeavourOS XFCE from scratch to see if I could re-create the problem.
Installed fine, then I had to remove kalu before updating the system. Again worked fine.
Set up SSH and used sshfs to log into my server, all went well. Here is my ps ax
Test is the hostname of my client with user don
FedoraServer is the hostname of the server and user pshare (Public Share) with /server on the server mounted with sshfs at /home/don/Server on the client. I think that explains the above ps ax output.
Everything worked without a hitch. Here is a rundown of what I did. Maybe if you go through it that might jog your memory creating a “That’s what I forgot” moment. The following is on the client EndeavourOS XFCE computer
$ mkdir ~/Server (create a mount point)
# vi /etc/ssh/ssh_config (change the port to 9***, I never use port 22)
# vi /etc/hosts (establish a route)
192.168.0.163 FedoraServer.localdomain FedoraServer
# su don
$ ssh-keygen -t rsa -b 2048 (generate a client key pair)
$ ssh-copy-id -i ~don/.ssh/id_rsa.pub pshare@fedoraserver
(copy client key to server /home/pshare/.ssh/authorized_keys
$ ssh pshare@fedoraserver (does autologin into the sever)
$ sshfs pshare@FedoraServer:/server /home/$USER/Server (mounts /server in sever to /home/don/Server in the client)
Worked without a hitch. I then put the
sshfs pshare@FedoraServer:/server /home/$USER/Server
line in a script file and auto start the script at log-in. So I log-in and automatically get this
HTH if not let us know.
Pudge
EDIT:
After posting this I went back and read your post again to see if I missed something. You indicated that you:
Under Xfce, I normally go to Settings > Session and Startup > Advanced and enable loading Gnome services at startup. Which means that ssh-agent is loaded when I log in and remains active for the current session. Easy and secure.
I did not do this. I just started off with XFCE as it comes out of the box. That is the only difference in what I did that I am aware of. Maybe it means something, maybe not?
Thanks for the reply. Looks like I didn’t explain very well. I use a password on my SSH keys. Using ssh-agent you can either add the password at the start of a session, or when I attempt to open an SSH session, I get a prompt to enter the password. Trouble is, for some graphic apps, the prompt is never displayed - login just fails. That applies to things like Filezilla.
Normally under Xfce, when I attempt to log into a key-protected system, I get a graphic pop-up which prompts for the password to my private key:
That works for both graphic and text logins, and the key is stored by ssh-agent until I log out of my session.
I’ve done a bit of hunting on the Arch wiki and found what I was missing - installing gnome-keyring has fixed the problem in EOS. Fortunately, gnome-keyring doesn’t have a lot of extra deps… In other Arch installs I’ve done, it must get pulled in as a dep to something else, I think.
Great, I’m glad you figured it out.
If this is fixed to your satisfaction, click on the three horizontal dots, then click on “solution” to mark your second post as the solution so the topic shows fixed.
