I now have two desktop systems running Bookworm with GNOME. The laptop
was upgraded last month and I upgraded the desktop this afternoon. I
have been using the GNOME keyring applet to manage the SSH public key
passwords I use as it prompts to save passwords and then lets me SSH to
other hosts without out a password prompt.
Some time after the upgrade I wanted to SSH into one of the other
systems on my LAN and was greeted with a password prompt for the
corresponding public key that had prior been managed by the keyring
applet. I noted differences in the running processes between the laptop
where the keyring applet is still working and the desktop where it was
not.
On an off-chance I cold booted this system and found the keyring applet
was working as expected so I went on doing other things for a while.
Then I tried again and was prompted for the public key's password.
Uggh.
Right after rebooting the process list looked like this which mirrors
the laptop:
$ ps ax -u nate | grep "agent\|keyring"
2037 ? SLsl 0:00 /usr/bin/gnome-keyring-daemon --foreground --components=pkcs11,secrets --control-directory=/run/user/1000/keyring
2151 ? Ssl 0:00 /usr/libexec/gcr-ssh-agent /run/user/1000/gcr
2157 ? Ss 0:00 ssh-agent -D -a /run/user/1000/openssh_agent
3802 ? S 0:00 /usr/bin/ssh-agent -D -a /run/user/1000/keyring/.ssh
3922 pts/0 S+ 0:00 grep --color=auto agent\|keyring
When I began this mail things looked like this:
$ ps ax -u nate | grep "agent\|keyring"
2151 ? Ssl 0:00 /usr/libexec/gcr-ssh-agent /run/user/1000/gcr
2157 ? Ss 0:00 ssh-agent -D -a /run/user/1000/openssh_agent
12324 ? Sl 0:00 /usr/bin/gnome-keyring-daemon --start --foreground --components=secrets
12325 ? Ssl 0:00 /usr/bin/gnome-keyring-daemon --foreground --components=pkcs11,secrets --control-directory=/run/user/1000/keyring
19308 pts/0 S+ 0:00 grep --color=auto agent\|keyring
It appears to me that gnome-keyring-daemon has been restarted for some reason.
As a result PIDs 2037 and 3802 are terminated and also
/run/user/1000/keyring/.ssh is no longer present along with the pkcs11 and ssh
files in the same directory.
I don't see anything out of the ordinary, in fact, these packages are
the same on the desktop and laptop systems:
debian-archive-keyring/stable,stable,now 2023.3 all [installed,automatic]
fasttrack-archive-keyring/stable,stable,now 2020.12.19 all [installed]
gnome-keyring-pkcs11/stable,now 42.1-1+b2 amd64 [installed,automatic]
gnome-keyring/stable,now 42.1-1+b2 amd64 [installed,automatic]
gpg-agent/stable,now 2.2.40-1.1 amd64 [installed,automatic]
libpam-gnome-keyring/stable,now 42.1-1+b2 amd64 [installed,automatic]
libpolkit-agent-1-0/stable,now 122-3 amd64 [installed,automatic]
Now, while typing this email all keyring PIDs have vanished!
$ ps ax -u nate | grep "agent\|keyring"
2151 ? Ssl 0:00 /usr/libexec/gcr-ssh-agent /run/user/1000/gcr
2157 ? Ss 0:00 ssh-agent -D -a /run/user/1000/openssh_agent
22418 pts/0 S+ 0:00 grep --color=auto agent\|keyring
I am flummoxed.
TIA
- Nate
--
"The optimist proclaims that we live in the best of all
possible worlds. The pessimist fears this is true."
Web:
https://www.n0nb.us
Projects:
https://github.com/N0NB
GPG fingerprint: 82D6 4F6B 0E67 CD41 F689 BBA6 FB2C 5130 D55A 8819