SSH public key authentication: Difference between revisions
m typo |
m Added steps to automatically unlock SSH keys with KDE. |
||
| Line 87: | Line 87: | ||
]; | ]; | ||
</syntaxhighlight> | </syntaxhighlight> | ||
== KDE == | |||
By default, KDE prompts you to enter the passwords for your SSH keys to unlock them across session starts. To avoid being asked to unlock your SSH keys every time a session is restarted (e.g., after logging out or rebooting), you can use <code>ksshaskpass</code> to store the passwords. To enable this, add the following <code>environment.variables</code>: | |||
<syntaxhighlight lang="nix"> | |||
environment.variables = { | |||
SSH_ASKPASS = "${pkgs.ksshaskpass.out}/bin/ksshaskpass"; | |||
SSH_ASKPASS_REQUIRE = "prefer"; | |||
}; | |||
</syntaxhighlight> | |||
{{Note | Should you encounter complaints when running {{ic|nixos-rebuild}}, you can add {{ic|lib.mkForce}} to {{ic|SSH_ASKPASS}} like this:<br />{{ic|1=SSH_ASKPASS = lib.mkForce "${pkgs.ksshaskpass.out}/bin/ksshaskpass";}}. | |||
}} | |||
After applying these changes, either log out (if you used <code>switch</code>) or reboot (if you used <code>boot</code> for the variables to take effect. | |||
When you use an SSH key for the first time, you will be prompted to enter its passphrase. <strong><em>Be sure to select the "Remember password" checkbox</strong></em> and the passphrase will be securely stored in the KDE Wallet and automatically retrieved across session restarts. | |||
== See also == | == See also == | ||
* [[Distributed build]] | * [[Distributed build]] | ||