Everytime I try to login on a remote server via SSH or try git pull/push on a git repository I get the prompt:
Enter passphrase for key '/home/th0th/.ssh/id_rsa':I want to add my key to the keyring and I want the keyring to be unlocked when I login without being asked for passphrase (I think this was the default behaviour on gnome-shell on Arch Linux). I tried adding my key using seahorse but even my key is visible under Gnome2 Key Storage category in seahorse I get prompted for my passphrase on terminal. Is this a bug or am I missing a step here?
EDIT: Preventing seahorse from prompting for password is another issue. My problem is that, SSH key passphrases are not remembered by gnome keyring.
I am on 15.04 BTW.
31 Answer
The core problem is that you have a password-protected SSH key. What this means is that the private key is actually encrypted, and needs to be decrypted for use, hence the need for a passphrase. (This same logic applies to PGP key actions such as signing, where you need to use the private key to generate a signature). There should be an SSH authentication agent, or at least an agent working with gnome-keyring (14.04) which would be handling the 'prompts' and the 'gnome-keyring', however consider that this is not always the case when working in a CLI environment.
Seahorse should present your SSH keys under "Secure Shell" and nothing else, which may be causing one problem. But the main issue is that the SSH key's private key half is encrypted and password protected, and the password is needed to initiate the 'secure' negotiation section with the key. However, it isn't actually seahorse which controls the authentication, it's actually part of gnome-keyring which has to memorize things. While it should be able to remember your password, it's apparently not able to operate in the way it needs to to provide you a GUI prompt to put in the password and then store the password in the keyring.
The only true way to remove the password prompt there on all cases is to remove the password from the SSH key. While SSH keys should ideally have passwords as an additional layer of protection, ideally you will only store the password for the private key for the duration of the session, or the duration of the GUI session until you log off or reboot, or even ideally for the short time that you are doing the SSH key authentication. This is done for security purposes, but in some cases it's not feasible or necessary.
If you wish to remove the password from your SSH key, then you will need to follow these steps: (source)
Remove the passphrase.
openssl rsa -in ~/.ssh/id_rsa -out ~/.ssh/id_rsa_new
Backup and replace your private SSH key.
mv ~/.ssh/id_rsa ~/.ssh/id_rsa.backup mv ~/.ssh/id_rsa_new ~/.ssh/id_rsa
Set key permissions, as private keys are owner-readable only (this is OpenSSH enforced)
chmod 400 ~/.ssh/id_rsa
Test the connection via SSH, and there should be no password prompt.
