Xfce Forum

Bliss

Member

Registered: 2021-03-23

Posts: 5

Thunar SFTP does not use ssh-agent anymore

Hi kind strangers and thank you for your time!

Despite active and fitting SSH keys in ssh-agent Thunar does not use them anymore on XFCE Manjaro.
Until a while ago it did.
Doing a ssh / sftp on console works with this keys still.

Manjaro 21.0
Thunar 4.16.5-1

[******@****** ~]$ ssh-agent
SSH_AUTH_SOCK=/tmp/ssh-XXXXXXDsvCNw/agent.26341; export SSH_AUTH_SOCK;
SSH_AGENT_PID=26342; export SSH_AGENT_PID;
echo Agent pid 26342;
[******@****** ~]$ ssh-add -l
2048 SHA256:PM1zKEvpgCw0UbxSVJy03ek+BBWlJDhD5GZPZ5baWUU /home/******/custom/******/sshkeys/private/openssh/key1.ppk (RSA)
2048 SHA256:pwAkMQQHVGgO0PG7ymyRC+a8p6tesboLgILYRoCUyOo /home/******/custom/******/sshkeys/work/openssh/key1.ppk (RSA)

[******@****** ~]$ ssh ******@******
Linux ****** #2 SMP Thu Nov 26 10:58:41 UTC 2020 x86_64

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
(uiserver):******:~$ hostname
******
(uiserver):******:~$ 

It's asking for the password of the ssh user not the passphrase of the ssh-key as until recently:

Am I doing something obviously wrong?
Am I asking in the right place?

Thank you again!

Last edited by Bliss (2021-03-23 12:05:01)

ToZ

Administrator

From: Canada

Registered: 2011-06-02

Posts: 11,486

Re: Thunar SFTP does not use ssh-agent anymore

Hello and welcome.

Not sure how much assistance I can offer, but I just tested this on my Manjaro install and it seems to work fine. On the client (manjaro) I created an RSA key pair (ssh-keygen -t rsa), copied it over to the server (ssh-copy-id toz@xxx.xxx.xxx.xxx) and using thunar (sftp://toz@xxx.xxx.xxx.xxx) it automatically connected - no password or passphrase required.

Is it possible that the server has more than one key for the same client?

Also, your first image, if I run "ssh-add -l" on the client (manjaro) I get "The agent has no identities."

Hopefully this is helpful.

---

Please remember to mark your thread [SOLVED] to make it easier for others to find
--- How To Ask For Help | FAQ | Developer Wiki  |  Community | Contribute ---

Bliss

Member

Registered: 2021-03-23

Posts: 5

Re: Thunar SFTP does not use ssh-agent anymore

You greatly helped me narrow down the problem!
Thank you!

Thunar seems to not use keys in ssh-agent anymore.
If the keyfile is /home/user/id_rsa -> everythings fine.
If the keyfile is /home/user/Desktop/blubb and I add it to ssh-agent via ssh-add it does not get used by Thunar anymore.
But it was for a long time until recently.

Is this maybe intentional / for security reasons I'm not aware of and came with a recent update etc.?

add keyfile to ssh-agent i.e.:

ssh-add /home/user/Desktop/blubb

show active keys in ssh-agent:

ssh-add -l

ToZ

Administrator

From: Canada

Registered: 2011-06-02

Posts: 11,486

Re: Thunar SFTP does not use ssh-agent anymore

Hmm. Maybe this thread is similar then, which lead to this bug report which seemed to identify gvfs as the culprit. Which lead to this gvfs bug report which then branches off to another bug report. (note: there is a hacky workaround listed there).

If it is a gvfs problem, you should also experience it use nautilus or nemo (both use gvfs). Are you able to test with one of those file managers as well?

---

Please remember to mark your thread [SOLVED] to make it easier for others to find
--- How To Ask For Help | FAQ | Developer Wiki  |  Community | Contribute ---

Bliss

Member

Registered: 2021-03-23

Posts: 5

Re: Thunar SFTP does not use ssh-agent anymore

Ah I've also seen this thread as I searched for my problem before but rejected it because it was all about gpg and gpg-agent.

The OP explicitly at one point answers you:
"You say about SSH keys.
They work for Thunar.
GnuPG keys don't."

My first thought is:
What Problems could the gnome virtual file system (gvfs) cause in a XFCE environment?
But as a pretty solid dev myself I know how intertwined stuff can be and probably just don't know the connections behind it

Same behavior for Nemo and Nautilus confirmed as you suggested.
Testing dolphin right now.

Tbh. I feel like I could only advance this topic by looking into how Thunar fetches keys it offers for a SSH/SFTP connection etc.
But this will be heavy time intensive.
Maybe I can spare some time for this soon but maybe not - time will tell

If so I'll surely post my findings!

Thank you very much for your time!

EDIT: dolphin works - its probably gvfs too

Last edited by Bliss (2021-03-24 12:40:44)