On Tue, Nov 8, 2016 at 6:33 PM, Marek Marczykowski-Górecki <[email protected]> wrote: > no longer keys loaded automatically with a nice GUI prompt for a password (if > set).
This is not true. OpenSSH's ssh-agent invoked with DISPLAY set and stdin not a tty will invoke ssh-askpass with such a nice gui prompt for a password. This is easy to accomplish if desired. > It is still possible to enable it back for example by adding it to > `~/.profile`. The tricky part is it can't be started just from > `/etc/xdg/autostart`, because it isn't possible to set $SSH_AUTH_SOCK > in shell environment from there (on real GNOME, some GNOME specific dbus > API is used for this). However, env vars can be made to be propagated from xdg-autostart via /tmp/qubes-session-env[.tmp] with minimal changes to the startup scripts. See https://groups.google.com/forum/#!topic/qubes-devel/lRwuYIF_hWE > So, now the questions: > 1. Is this change in behavior ok? I have been running with essentially the change you describe for a few weeks and have observed no regressions. +1 for changing it > 2. If not, how to enable it by default, to make it easier to disable it > if someone want to? Starting it via xdg-autostart and propagating env vars as described above would accomplish this, but regardless I believe openssh's ssh-agent is preferable to gnome-keychain. > [1] https://github.com/marmarek/qubes-gui-agent-linux/pull/21 > [2] https://github.com/QubesOS/qubes-issues/issues/2351 -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/CABQWM_CiVy6HBUWD_6Krrjpe-fV6y2UAEjs_yhe6J-k7tCM0WQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
