SSH public key authentication: Difference between revisions

Line 90:

== KDE ==

By default, KDE prompts you to enter the passwords for your SSH keys to unlock them across session starts. To avoid being asked to unlock your SSH keys every time a session is restarted (e.g., after logging out or rebooting), you can use <code>ksshaskpass</code> to store the passwords. To enable this, ~~add~~ the following ~~<code>environment.variables</code>~~:

By default, KDE prompts you to enter the passwords for your SSH keys to unlock them across session starts. To avoid being asked to unlock your SSH keys every time a session is restarted (e.g., after logging out or rebooting), you can use <code>ksshaskpass</code> to store the passwords. To enable this, make the following changes to your configuration:

programs.ssh = {

startAgent = true;

enableAskPassword = true;

askPassword = pkgs.lib.mkForce "${pkgs.ksshaskpass.out}/bin/ksshaskpass";

};

environment.variables = {

~~SSH_ASKPASS = "${pkgs.ksshaskpass.out}/bin/ksshaskpass";~~

SSH_ASKPASS_REQUIRE = "prefer";

};

</syntaxhighlight>

{{Note | ~~Should~~ you encounter complaints when running {{ic|nixos-rebuild}}~~, you~~ can add {{ic|lib.mkForce}} to {{ic|SSH_ASKPASS}} like this: {{ic|1=SSH_ASKPASS = lib.mkForce "${pkgs.ksshaskpass.out}/bin/ksshaskpass";}}.

{{Note | It is also possible to add {{ic|SSH_ASKPASS}} to your environment variables, but you will likely encounter complaints when running {{ic|nixos-rebuild}}. You can add {{ic|lib.mkForce}} to {{ic|SSH_ASKPASS}} to circumvent the error, like this: {{ic|1=SSH_ASKPASS = lib.mkForce "${pkgs.ksshaskpass.out}/bin/ksshaskpass";}}.

}}

Line 105:

Line 110:

When you use an SSH key for the first time, you will be prompted to enter its passphrase. Be sure to select the "Remember password" checkbox and the passphrase will be securely stored in the KDE Wallet and automatically retrieved across session restarts.

== See also ==

* [[Distributed build]]

@@ Line 90: / Line 90: @@
 == KDE ==
-By default, KDE prompts you to enter the passwords for your SSH keys to unlock them across session starts. To avoid being asked to unlock your SSH keys every time a session is restarted (e.g., after logging out or rebooting), you can use <code>ksshaskpass</code> to store the passwords. To enable this, add the following <code>environment.variables</code>:
+By default, KDE prompts you to enter the passwords for your SSH keys to unlock them across session starts. To avoid being asked to unlock your SSH keys every time a session is restarted (e.g., after logging out or rebooting), you can use <code>ksshaskpass</code> to store the passwords. To enable this, make the following changes to your configuration:
 <syntaxhighlight lang="nix">
+programs.ssh = {
+  startAgent = true;
+  enableAskPassword = true;
+  askPassword = pkgs.lib.mkForce "${pkgs.ksshaskpass.out}/bin/ksshaskpass";
+};
 environment.variables = {
-  SSH_ASKPASS = "${pkgs.ksshaskpass.out}/bin/ksshaskpass";
    SSH_ASKPASS_REQUIRE = "prefer";
 };
 </syntaxhighlight>
-{{Note | Should you encounter complaints when running {{ic|nixos-rebuild}}, you can add {{ic|lib.mkForce}} to {{ic|SSH_ASKPASS}} like this:<br />{{ic|1=SSH_ASKPASS = lib.mkForce "${pkgs.ksshaskpass.out}/bin/ksshaskpass";}}.
+{{Note | It is also possible to add {{ic|SSH_ASKPASS}} to your environment variables, but you will likely encounter complaints when running {{ic|nixos-rebuild}}. You can add {{ic|lib.mkForce}} to {{ic|SSH_ASKPASS}} to circumvent the error, like this:<br />{{ic|1=SSH_ASKPASS = lib.mkForce "${pkgs.ksshaskpass.out}/bin/ksshaskpass";}}.
 }}
@@ Line 105: / Line 110: @@
 When you use an SSH key for the first time, you will be prompted to enter its passphrase. <strong><em>Be sure to select the "Remember password" checkbox</strong></em> and the passphrase will be securely stored in the KDE Wallet and automatically retrieved across session restarts.
 == See also ==
 * [[Distributed build]]