Introduction & Motivation
My path to Xfce4
I was pretty happy with icewm, especially loving the alphabetical navigation in it's OS/2 style Strg-Esc window list. Sadly the order in which Alt-Tab showed windows started to be messed up. Had to give it up.
Then I was happy with KDE 3.x. Sadly they started KDE 4, making it unusable by trying to copy some things from Windows Vista and MacOS. Had to give it up.
Then I was satisfied by Gnome 2.x. Sadly they started Gnome 3, making it unusable by trying to copy some things from MacOS, Unity, Windows 7. Had to give it up.
Now I am ok using Xfce4.
I like to enter the ssh key password exactly once right after logging in, and have it availabe in a ssh-agent in several auto-started terminal windows right away.
Sadly this seemed impossible.
After this drove me crazy for the 100th time I finally invested a whole sunday afternoon in research and came to what looks like a solution.
Agent starting variants
Old auto-started script approach: Load daemon in auto-started script. Sadly it is executed too late and/or too far down the process tree. Had to give it up.
Command line login approach, startx: When starting X11 using
startx instead of a display manager
.xinitrc is are called early enough. I like the graphical login though. Didn't really try it this time.
Gnome approach: Use
Choose ssh-askpass variant
There are several
ssh-askpass programs allowing to enter the ssh key password in a nice window. I like
To make sure the preferred one is used, make sure only one
ssh-askpass* package installed.
Prepare script forcing early ssh-add
I have a kind-of autostart script that performs a few initial commands that don't go well into window manager settings.
To trigger the graphical query for the ssh key password, it simply contains a dummy ssh command:
# ssh-agent is already present, we need to trigger a ssh-add that really feeds the ssh-agent
ssh $USER@localhost pwd
# further commands can rely on loaded ssh keys
If you create a new autostart script, do not forget to
chmod u+x it.
Activate autostart script and gnome-keyring-daemon
In the "Application Autostart" tab, add your autostart script. Do NOT use a short form like
~/autostart.sh, instead specify the full path, like
In the last tab, "Advanced", activate "Launch GNOME services on startup".
Try it by logging out and in again.
Obligatory further reading: Evil Traps in ssh-add behaviour
gnome-keyring-daemon makes ssh-add behave weird
When using gnome-keyring-daemon, it acts ssh- and gpg-agent, but it behaves quite differently in a nerve breaking manner, making ssh-add look broken:
ssh-add -l used towards gnome-keyring-daemon always shows all ssh-keys known (!) to the gnome keyring, NOT only the ones that are decrypted in-memory!
ssh-add -d or
ssh-add -D seems (!) to have no effect
The only way to make sure whether the gnome-keyring-daemon-acting-as-ssh-agent helds an encrypted or decrypted version of a particular ssh key is to try using the key, i.e. to execute a ssh based command like
svn (towards a
svn+ssh repo), ...