Ubuntu
gnome-keyring package

How do I disable automatic unlocking of ssh keys?

Asked by Jeff Powell

Running 8.10

I'm using ssh keys here at work and installed some correctly, ssh to a remote server works just fine, but...

At one point - when I was given the unexpected dialog to enter my passphrase (and where the term passphrase never appears) I checked the "Automatically unlock this private key when I log in" box and went on. That was a mistake on my part.

Now I cannot find a way to turn that off. My passphrase is stored somewhere in the system but I cannot figure out where or how to undo that setting. For security reasons I want to enter the passphrase (preferrably at the command line, not in some dialog window) every time I ssh to a remote computer, but at least for those governed by this set of keys, I'm out of luck.

Where is that passphrase stored and how do I get it out of there so I have to enter it?

Then, how do I turn off that dialog so that I enter the pass phrase directly into the terminal instead of the dialog?

I've already tried:

gconftool-2 --set -t bool /apps/gnome-keyring/daemon-components/ssh false

(as mentioned here: http://live.gnome.org/GnomeKeyring/Ssh) but that did nothing, even after logout and reboot.

Any help would be much appreciated.

Question information

Language:
English Edit question
Status:
Solved
For:
Ubuntu gnome-keyring Edit question
Assignee:
No assignee Edit question
Solved by:
Jeff Powell
Solved:
Last query:
Last reply:
Revision history for this message
paper0k (paper0k) said : 		#1

Looking up on launchpad, I see https://bugs.launchpad.net/ubuntu/+source/gnome-keyring/+bug/275010
That, I think, matches your scenario

Revision history for this message
Jeff Powell (jeffp-bangtherockstogether) said : 		#2

Thanks. You're close, but bug 275010 it's all of it. It explains why gkr didn't stop dealing with SSH keys entirely when given the above command, but it doesn't completely handle the issue.

I still don't know where the existing stored ssh key is located, nor how to clear it out so that I have to type it in manually. That's not documented anywhere I've found to date.

Revision history for this message
Jeff Powell (jeffp-bangtherockstogether) said : 		#3

A friend helped me find the solution for this. For the record, since I never found any documentation about it:

cd ~/.gnome2
mv keyrings old_keyrings

logout
log back in

stored ssh keys will no longer be used

Then, for safety:

cd ~/.gnome2
rm -rf ./keyrings

I still want to see how bug 275010 is resolved, since I want to turn off the silly dialog entry for ssh keys and cannot do that, but at least now I know one way to undo the automatic unlock of ssh keys. It's not exactly obvious, but it works.

Revision history for this message
Patrick Chkoreff (pc233) said : 		#4

I had that same problem just this morning when, on a lark, I decided to click the "Automatically unlock this private key when I log in" checkbox to see how it worked.

It worked very well. But then for the life of me I could not figure out how to UNCHECK that setting. I search everywhere on the net and this page here is the only discussion I could find on the subject.

I'm on Ubuntu, so my keyrings aren't in ~/.gnome, but I did a "find . -name keyrings" and found it in ~/.local/share/keyrings. All I had to do is remove the login.keyring file. Actually to be safe I did a "mv login.keyring ~/tmp" to save the original just in case.

I restarted the computer and sure enough when I do an ssh, the familiar passphrase dialog box once again appears. Thank goodness!