How is my ssh key unlocked without ssh-agent? And how do I fix that?
Clash Royale CLAN TAG#URR8PPP
up vote
2
down vote
favorite
I have an SSH key that I use almost every day and I recently noticed that I haven't had to unlock it in a long while. I don't always shut down my computer and so it is fairly common that ssh-agent is already running when I access a server. But I've now confirmed that actually I'm never being asked for a password.
I feel a little bit like I've lost my mind, because ...
ps aux | grep agent
doesn't showssh-agent
running.ssh-keygen -y
asks for a password but the password I expect doesn't work.ssh user@example.com
connects immediately.
There's nothing especially sensitive at stake right now, though that's temporary.
What should I be looking for here? How is my key working without a passphrase, even after a restart? I'm assuming I did something here, but how can I figure out what I did?
Per the comments, I did run echo $SSH_AUTH_SOCK
and I see /run/user/1000/keyring/ssh
-- lsof /run/user/1000/keyring/ssh
isn't returning anything, though, so I don't know what is opening it.
How do I ensure that my key isn't just hanging out unlocked?
ssh ssh-agent
 |Â
show 2 more comments
up vote
2
down vote
favorite
I have an SSH key that I use almost every day and I recently noticed that I haven't had to unlock it in a long while. I don't always shut down my computer and so it is fairly common that ssh-agent is already running when I access a server. But I've now confirmed that actually I'm never being asked for a password.
I feel a little bit like I've lost my mind, because ...
ps aux | grep agent
doesn't showssh-agent
running.ssh-keygen -y
asks for a password but the password I expect doesn't work.ssh user@example.com
connects immediately.
There's nothing especially sensitive at stake right now, though that's temporary.
What should I be looking for here? How is my key working without a passphrase, even after a restart? I'm assuming I did something here, but how can I figure out what I did?
Per the comments, I did run echo $SSH_AUTH_SOCK
and I see /run/user/1000/keyring/ssh
-- lsof /run/user/1000/keyring/ssh
isn't returning anything, though, so I don't know what is opening it.
How do I ensure that my key isn't just hanging out unlocked?
ssh ssh-agent
1
There are other things which can act as an ssh agent. Doecho $SSH_AUTH_SOCK
and you can see if you have one. Anlsof
on it will tell you what is providing it.
â Patrick
Feb 16 at 3:57
I see/run/user/1000/keyring/ssh
when I do that--butlsof | grep ssh
isn't turning up anything.
â Amanda
Feb 16 at 4:21
4
nogrep
, justlsof
. Though judging from the path, I suspect it'sgnome-keyring-daemon
.
â Patrick
Feb 16 at 4:23
Straightlsof
gets me 11,000 lines though.
â Amanda
Feb 16 at 4:34
lsof
on the file. E.G.lsof /run/user/1000/keyring/ssh
â Patrick
Feb 16 at 4:39
 |Â
show 2 more comments
up vote
2
down vote
favorite
up vote
2
down vote
favorite
I have an SSH key that I use almost every day and I recently noticed that I haven't had to unlock it in a long while. I don't always shut down my computer and so it is fairly common that ssh-agent is already running when I access a server. But I've now confirmed that actually I'm never being asked for a password.
I feel a little bit like I've lost my mind, because ...
ps aux | grep agent
doesn't showssh-agent
running.ssh-keygen -y
asks for a password but the password I expect doesn't work.ssh user@example.com
connects immediately.
There's nothing especially sensitive at stake right now, though that's temporary.
What should I be looking for here? How is my key working without a passphrase, even after a restart? I'm assuming I did something here, but how can I figure out what I did?
Per the comments, I did run echo $SSH_AUTH_SOCK
and I see /run/user/1000/keyring/ssh
-- lsof /run/user/1000/keyring/ssh
isn't returning anything, though, so I don't know what is opening it.
How do I ensure that my key isn't just hanging out unlocked?
ssh ssh-agent
I have an SSH key that I use almost every day and I recently noticed that I haven't had to unlock it in a long while. I don't always shut down my computer and so it is fairly common that ssh-agent is already running when I access a server. But I've now confirmed that actually I'm never being asked for a password.
I feel a little bit like I've lost my mind, because ...
ps aux | grep agent
doesn't showssh-agent
running.ssh-keygen -y
asks for a password but the password I expect doesn't work.ssh user@example.com
connects immediately.
There's nothing especially sensitive at stake right now, though that's temporary.
What should I be looking for here? How is my key working without a passphrase, even after a restart? I'm assuming I did something here, but how can I figure out what I did?
Per the comments, I did run echo $SSH_AUTH_SOCK
and I see /run/user/1000/keyring/ssh
-- lsof /run/user/1000/keyring/ssh
isn't returning anything, though, so I don't know what is opening it.
How do I ensure that my key isn't just hanging out unlocked?
ssh ssh-agent
edited Feb 16 at 17:27
asked Feb 16 at 3:25
Amanda
372112
372112
1
There are other things which can act as an ssh agent. Doecho $SSH_AUTH_SOCK
and you can see if you have one. Anlsof
on it will tell you what is providing it.
â Patrick
Feb 16 at 3:57
I see/run/user/1000/keyring/ssh
when I do that--butlsof | grep ssh
isn't turning up anything.
â Amanda
Feb 16 at 4:21
4
nogrep
, justlsof
. Though judging from the path, I suspect it'sgnome-keyring-daemon
.
â Patrick
Feb 16 at 4:23
Straightlsof
gets me 11,000 lines though.
â Amanda
Feb 16 at 4:34
lsof
on the file. E.G.lsof /run/user/1000/keyring/ssh
â Patrick
Feb 16 at 4:39
 |Â
show 2 more comments
1
There are other things which can act as an ssh agent. Doecho $SSH_AUTH_SOCK
and you can see if you have one. Anlsof
on it will tell you what is providing it.
â Patrick
Feb 16 at 3:57
I see/run/user/1000/keyring/ssh
when I do that--butlsof | grep ssh
isn't turning up anything.
â Amanda
Feb 16 at 4:21
4
nogrep
, justlsof
. Though judging from the path, I suspect it'sgnome-keyring-daemon
.
â Patrick
Feb 16 at 4:23
Straightlsof
gets me 11,000 lines though.
â Amanda
Feb 16 at 4:34
lsof
on the file. E.G.lsof /run/user/1000/keyring/ssh
â Patrick
Feb 16 at 4:39
1
1
There are other things which can act as an ssh agent. Do
echo $SSH_AUTH_SOCK
and you can see if you have one. An lsof
on it will tell you what is providing it.â Patrick
Feb 16 at 3:57
There are other things which can act as an ssh agent. Do
echo $SSH_AUTH_SOCK
and you can see if you have one. An lsof
on it will tell you what is providing it.â Patrick
Feb 16 at 3:57
I see
/run/user/1000/keyring/ssh
when I do that--but lsof | grep ssh
isn't turning up anything.â Amanda
Feb 16 at 4:21
I see
/run/user/1000/keyring/ssh
when I do that--but lsof | grep ssh
isn't turning up anything.â Amanda
Feb 16 at 4:21
4
4
no
grep
, just lsof
. Though judging from the path, I suspect it's gnome-keyring-daemon
.â Patrick
Feb 16 at 4:23
no
grep
, just lsof
. Though judging from the path, I suspect it's gnome-keyring-daemon
.â Patrick
Feb 16 at 4:23
Straight
lsof
gets me 11,000 lines though.â Amanda
Feb 16 at 4:34
Straight
lsof
gets me 11,000 lines though.â Amanda
Feb 16 at 4:34
lsof
on the file. E.G. lsof /run/user/1000/keyring/ssh
â Patrick
Feb 16 at 4:39
lsof
on the file. E.G. lsof /run/user/1000/keyring/ssh
â Patrick
Feb 16 at 4:39
 |Â
show 2 more comments
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f424520%2fhow-is-my-ssh-key-unlocked-without-ssh-agent-and-how-do-i-fix-that%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
1
There are other things which can act as an ssh agent. Do
echo $SSH_AUTH_SOCK
and you can see if you have one. Anlsof
on it will tell you what is providing it.â Patrick
Feb 16 at 3:57
I see
/run/user/1000/keyring/ssh
when I do that--butlsof | grep ssh
isn't turning up anything.â Amanda
Feb 16 at 4:21
4
no
grep
, justlsof
. Though judging from the path, I suspect it'sgnome-keyring-daemon
.â Patrick
Feb 16 at 4:23
Straight
lsof
gets me 11,000 lines though.â Amanda
Feb 16 at 4:34
lsof
on the file. E.G.lsof /run/user/1000/keyring/ssh
â Patrick
Feb 16 at 4:39