How do I disable automatic unlocking of ssh keys?

Asked by Jeff Powell on 2008-11-07

Running 8.10

I'm using ssh keys here at work and installed some correctly, ssh to a remote server works just fine, but...

At one point - when I was given the unexpected dialog to enter my passphrase (and where the term passphrase never appears) I checked the "Automatically unlock this private key when I log in" box and went on. That was a mistake on my part.

Now I cannot find a way to turn that off. My passphrase is stored somewhere in the system but I cannot figure out where or how to undo that setting. For security reasons I want to enter the passphrase (preferrably at the command line, not in some dialog window) every time I ssh to a remote computer, but at least for those governed by this set of keys, I'm out of luck.

Where is that passphrase stored and how do I get it out of there so I have to enter it?

Then, how do I turn off that dialog so that I enter the pass phrase directly into the terminal instead of the dialog?

I've already tried:

gconftool-2 --set -t bool /apps/gnome-keyring/daemon-components/ssh false

(as mentioned here: http://live.gnome.org/GnomeKeyring/Ssh) but that did nothing, even after logout and reboot.

Any help would be much appreciated.

Question information

Language:
English Edit question
Status:
Solved
For:
Ubuntu gnome-keyring Edit question
Assignee:
No assignee Edit question
Solved by:
Jeff Powell
Solved:
2008-11-07
Last query:
2008-11-07
Last reply:
2008-11-07
paper0k (paper0k) said : #1

Looking up on launchpad, I see https://bugs.launchpad.net/ubuntu/+source/gnome-keyring/+bug/275010
That, I think, matches your scenario

Thanks. You're close, but bug 275010 it's all of it. It explains why gkr didn't stop dealing with SSH keys entirely when given the above command, but it doesn't completely handle the issue.

I still don't know where the existing stored ssh key is located, nor how to clear it out so that I have to type it in manually. That's not documented anywhere I've found to date.

A friend helped me find the solution for this. For the record, since I never found any documentation about it:

cd ~/.gnome2
mv keyrings old_keyrings

logout
log back in

stored ssh keys will no longer be used

Then, for safety:

cd ~/.gnome2
rm -rf ./keyrings

I still want to see how bug 275010 is resolved, since I want to turn off the silly dialog entry for ssh keys and cannot do that, but at least now I know one way to undo the automatic unlock of ssh keys. It's not exactly obvious, but it works.

Patrick Chkoreff (pc233) said : #4

I had that same problem just this morning when, on a lark, I decided to click the "Automatically unlock this private key when I log in" checkbox to see how it worked.

It worked very well. But then for the life of me I could not figure out how to UNCHECK that setting. I search everywhere on the net and this page here is the only discussion I could find on the subject.

I'm on Ubuntu, so my keyrings aren't in ~/.gnome, but I did a "find . -name keyrings" and found it in ~/.local/share/keyrings. All I had to do is remove the login.keyring file. Actually to be safe I did a "mv login.keyring ~/tmp" to save the original just in case.

I restarted the computer and sure enough when I do an ssh, the familiar passphrase dialog box once again appears. Thank goodness!