Bug#522493: /usr/bin/gnome-keyring-daemon not working in fr_FR.UTF-8 and ssh workaround
Ronan Keryell
Ronan.Keryell at hpc-project.com
Thu May 5 08:55:02 UTC 2011
For few weeks now on Debian/unstable, ssh authentication services on my
laptop computer is no longer working.
I've just discovered that this service is not provided by ssh-agent but
but gnome-keyring-daemon. Why not...
When I connect I get this in my /var/log/auth.log:
May 5 09:32:27 an-dro gdm[2145]: pam_nologin(gdm:auth): cannot determine username
May 5 09:33:02 an-dro CRON[2781]: pam_unix(cron:session): session opened for user nobody by (uid=0)
May 5 09:33:02 an-dro CRON[2781]: pam_limits(cron:session): Unknown kernel rlimit 'Max realtime timeout' ignored
May 5 09:33:02 an-dro CRON[2781]: pam_unix(cron:session): session closed for user nobody
May 5 09:33:21 an-dro gdm[2145]: pam_limits(gdm:session): Unknown kernel rlimit 'Max realtime timeout' ignored
May 5 09:33:21 an-dro gdm[2145]: pam_unix(gdm:session): session opened for user keryell by (uid=0)
May 5 09:33:21 an-dro gdm[2145]: pam_ck_connector(gdm:session): nox11 mode, ignoring PAM_TTY :0
May 5 09:33:26 an-dro gnome-keyring-daemon[2785]: GLib-GIO: Using the 'memory' GSettings backend. Your settings will not be saved or shared with other applications.
May 5 09:33:34 an-dro polkitd(authority=local): Registered Authentication Agent for unix-session:/org/freedesktop/ConsoleKit/Session1 (system bus name :1.21 [/usr/lib/policykit-1-gnome/polkit-gnome-authentication-agent-1], object path /org/gnome/PolicyKit1/AuthenticationAgent, locale fr_FR.UTF-8)
May 5 09:52:33 an-dro gnome-keyring-daemon[2785]: unsupported key algorithm in certificate: 1.2.840.10045.2.1
May 5 09:52:33 an-dro gnome-keyring-daemon[2785]: unsupported key algorithm in certificate: 1.2.840.10045.2.1
May 5 09:52:34 an-dro last message repeated 2 times
May 5 09:52:34 an-dro gnome-keyring-daemon[2785]: couldn't load root certificates: /etc/ssl/certs/imapd.pem: L'ouverture du fichier « /etc/ssl/certs/imapd.pem » a échoué : Permission non accordée
May 5 09:52:34 an-dro gnome-keyring-daemon[2785]: unsupported key algorithm in certificate: 1.2.840.10045.2.1
May 5 09:52:34 an-dro last message repeated 4 times
May 5 09:52:35 an-dro gnome-keyring-prompt: Gtk: Failed to load module "gnomebreakpad"
May 5 09:52:35 an-dro gnome-keyring-daemon[2785]: Gtk-Message: Failed to load module "gnomebreakpad"
May 5 09:52:56 an-dro gnome-keyring-prompt: Gtk: Failed to load module "gnomebreakpad"
May 5 09:52:56 an-dro gnome-keyring-daemon[2785]: Gtk-Message: Failed to load module "gnomebreakpad"
I strace'd -f /usr/bin/gnome-keyring-daemon but I saw nothing
blatant.
It is not related for me to wrong encoding as stated in ~/.gnome2/keyrings/default
because I don't have this file:
ls ~/.gnome2/keyrings/
login.keyring user.keystore
But I can suspect a wrong encoding stuff somewhere else too...
Since I find annoying having to launch ssh-agent and patching
gnome-keyring-daemon socket each time I log in :-/ , I've ended to write a
work-around script I run before using ssh-add.
Here is my "gnome-keyring-daemon-work-around" work-around script:
#! /bin/sh
# Use ssh-agent instead of currently broken /usr/bin/gnome-keyring-daemon
# to provide ssh autheticating services
# Ronan.Keryell at hpc-project dot com, 2011/05/05
# Keep around the socket to /usr/bin/gnome-keyring-daemon just in case...
OLD_SSH_AUTH_SOCK=$SSH_AUTH_SOCK
mv $OLD_SSH_AUTH_SOCK $OLD_SSH_AUTH_SOCK%
# Launch a working authenticating agent that set also SSH_AUTH_SOCK
eval `ssh-agent`
# Linked the old socket name advertised everywhere previously by
# /usr/bin/gnome-keyring-daemon to the new working one:
ln -s $SSH_AUTH_SOCK $OLD_SSH_AUTH_SOCK
--
Ronan KERYELL |\/ GSM: (+33|0) 6 13 14 37 66
HPC Project |/) Fax: (+33|0) 1 46 01 05 46
9 Route du Colonel Marcel Moraine K E-mail: rk at hpc-project.com
92360 Meudon La Forêt |\ skype:keryell
FRANCE | \ http://hpc-project.com
More information about the pkg-gnome-maintainers
mailing list