Gnome starts up a version of ssh-agent when it starts (under /etc/X11/Sessions/Gnome and /etc/X11/gdm/gnomerc ). This completely interferes with keychain; it is unable to connect to any ssh-agent session. There's a discussion <a href"http://forums.gentoo.org/viewtopic.php?t=14596&highlight=">here.</a> The hack, of course, is to edit the two files that start gnome and make sure that it doesn't execute along with ssh-agent (or that it sources the correct files so that from that point on keychain works). It would be nice, however, to change keychain so that it can deal with this problem, if you can think of a way.
Created attachment 8591 [details, diff] Patch to use running ssh-agent started by gnome-session A possible solution to use an existing ssh-agent started by gnome-session. This is probably sub-optimal for several reasons: 1) the ssh-agent *will* stop when the user logs out. 2) Some code is duplicated within the script and should be modularized. 3) It's only one idea and it hasn't been tested well outside of the gnome environment. -Paul
Created attachment 8592 [details, diff] Updated: Patch to use running ssh-agent started by gnome-session Same as patch 8591 but using correct path to executable :)...
i don't really think that we should use the ssh-agent running from inside of gnome, for the reasons you specified. The problem with this whole thing is that keychain is designed to keep up an active ssh-agent process, and now gnome wants to do the same thing. i'm gonna CC the gnome guys on this one, and see if we can't come up with something.... I can't even figure out why gnome needs and ssh-agent :/ anyway, thanks for the patches, even if we don't use them :-)
i think the solution here is to actually change gnome to use KEYCHAIN =) if we use the ssh-agent started by gnome, we're defeating the point of keychain... as we want to keep that ssh agent session around, and gnome will just kill it when the session is over... like i said, changing keychain to suit gnome just isn't a good idea...it defeats the whole point of keychain... for this reason, i'm marking this as invalid, i'll be making changes to the gnomerc from within the keychain ebuild (hopefully) within the next couple of weeks... seth