ssh, seahorse, fresh fish
Sorry friends in real life, today’s entry is extremely nerdy.
I received a new machine at work today and proceeded to do a fresh install of Ubuntu Jaunty. One thing I tend to do is drag around old ssh keys with me.
Yes, I know this is bad security practice. I do it anyway. Bugger off plz, kthxbye.
After the install, I dropped my private id_rsa into ~/.ssh, logged out, logged back in, and expected that I would be able to start ssh’ing to the machines I care about without having to type in my extremely long passphrase every time.
Nope.
Frustrated, I mashed my fists against the keyboard many times and cried out in paroxysms of primal rage.
If you didn’t know, seahorse is a GNOME ssh-agent. It’s actually pretty neat, and can hook into gdm and also somehow magically detect when you’re trying to ssh from a shell. The way it’s supposed to work is:
- you create a brand new ssh key with a passphrase
- you try and ssh somewhere
- seahorse magically realizes that you’re trying to ssh, and prompts you for the ssh key’s passphrase. It also offers to save it for you.
- next time you log in, somehow seahorse and gdm talk; seahorse realizes you logged in successfully, which unlocks all the keys it knows about (more or less)
- you can now ssh to machines without entering in your passphrase (assuming you told seahorse to save it previously, which you did, of course, since typing in a password every time is for people who want to waste their entire lives wearing tin foil hats and congratulating themselves on how extremely secure they are, never mind the fact that NO ONE GIVES A RUNNY CHOLERA-FILLED DIAPER about their data)
I tried manually importing my private ssh key into seahorse, but that didn’t work.
Finally, with some help of teh googles, I learned that seahorse really does require both your private AND public key in ~/.ssh; I’d gotten lazy and didn’t copy my public key over.
After dropping id_rsa.pub into ~/.ssh, seahorse recognized my key, did the magical auto-detect when you’re ssh’ing somewhere trick, prompted me for my passphrase, and now I can get on with the rest of my life with one less annoyance.
Whee.
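The missing-public-key situation described above can be caught before the agent silently ignores a key. The following is an added example, not part of the original post: a hypothetical `check_ssh_keypairs` shell function that lists private keys in a directory that have no `.pub` twin or are readable by group/others, and prints the fix. It assumes key files begin with a standard `BEGIN ... PRIVATE KEY` header; `ssh-keygen -y` derives the public half from the private key.

```shell
#!/bin/sh
# Added example (hypothetical helper, not from the original post).
# Audits a directory for private keys that lack a matching .pub file
# or have permissions looser than owner-only.
# Prints one finding per key problem; returns 0 if clean, 1 otherwise.
# Usage: check_ssh_keypairs            (defaults to ~/.ssh)
#        check_ssh_keypairs /some/dir
check_ssh_keypairs() {
    dir=${1:-"$HOME/.ssh"}
    findings=0
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        case "$f" in *.pub) continue ;; esac
        # PEM and OpenSSH private keys both start with a BEGIN ... PRIVATE KEY line.
        head -n 1 "$f" 2>/dev/null |
            grep -q -e '-----BEGIN .*PRIVATE KEY-----' || continue
        # An agent that pairs keys by filename needs a non-empty <key>.pub.
        if [ ! -s "$f.pub" ]; then
            echo "MISSING_PUB $f"
            echo "  fix: ssh-keygen -y -f '$f' > '$f.pub'"
            findings=$((findings + 1))
        fi
        # Characters 5-10 of the mode string are the group and other bits.
        case "$(ls -ld "$f" | cut -c5-10)" in
            ------) ;;
            *)
                echo "LOOSE_PERMS $f"
                echo "  fix: chmod 600 '$f'"
                findings=$((findings + 1))
                ;;
        esac
    done
    [ "$findings" -eq 0 ]
}
```

`ssh-keygen -y` prompts for the passphrase when the private key is encrypted, so regenerating the public half never requires copying anything from the old machine.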
- Posted by alex at 02:06 am
- Filed under: geek