9

When I use SSH for the first time after booting, it asks me for my private key unlocking passphrase (which is the behaviour I expect). But it does so in a window, not in the shell (similar to gksudo VS sudo). This is frustrating (I have to use my mouse to click the window) and secondly sometimes causes a bug (I use Guake terminal, sometimes in fullscreen, in which case I can't focus on the SSH window and I am forced to restart X).

So, my question is: Is there a way to force SSH to ask for my private key passphrase on the command line, instead of popping a window?

Adrien Luxey
  • 191
  • env ssh ... would do it, but this loses ssh-agent so it's not quite right. Maybe somebody can figure out the rest. – Joshua Feb 17 '17 at 20:00

2 Answers2

7

You probably have one of the *-askpass packages installed, and the environment variable SSH_ASKPASS set accordingly; see ssh(1). Unsetting the variable, e. g. in your ~/.bashrc, or uninstalling the package should do the trick.

See also Tell SSH to use a graphical prompt for key passphrase for the reverse problem and some hints about the environment.

Community
  • 1
Murphy
  • 2,649
  • 1
    This most probably not be the case. SSH asks for passphrase always in the TTY, unless it does not have one (if you are in guake, I bet you have got one). The prompt is most probably from gnome-keyring (screenshot by the OP would confirm that), as explained in my other answer. – Jakuje Feb 17 '17 at 15:18
  • Indeed, the gnome-askpass window does not look like the usual: askpass only reads "Enter your OpenSSH passphrase" with a text field. I tried taking a screenshot, but it does not work: the window captures key events (same problem that causes the bug with fullscreen guake). I'll take a picture if need be. – Adrien Luxey Feb 20 '17 at 10:06
  • @AdrienLuxey Try Gimp, it's able to take a screenshot of the active window after a timeout. But more importantly you should check the ps tree to see who/what calls the window. – Murphy Feb 20 '17 at 13:59
3

You have the private key added in the gnome-keyring or something else, which issues the GUI prompt for the passphrase. You can not get rid of that in this setup.

But there is possibility to use normal ssh-agent (by removing the gnome-keyring or starting ssh-agent after that) and AddKeysToAgent yes option in your ssh_config, which will result in the behavior you expect -- after the boot, the agent will not have any keys and they will be automatically added after the first use.

Similar cases are explained in related questions:

Community
  • 1
Jakuje
  • 21,357