# keychain and ssh-agent requests passphrase on all new shells

## AH

Suddenly (that is I don't think I have done any changes relevant to this) keychain doesn't seem to work. New shells are missing SSH_AGENT_PID and SSH_AUTH_SOCK.

If I kill all ssh-agent processes and start a new shell I get to enter my passphrase for the identity I have defined:

```
 * Adding 1 ssh key(s)...

Enter passphrase for /home/$USER/.ssh/id_rsa:

Identity added: /home/$USER/.ssh/id_rsa (/home/$USER/.ssh/id_rsa)
```

But:

```
env | grep ssh

CVS_RSH=ssh
```

This ofcourse gives:

```
ssh-add -l

Could not open a connection to your authentication agent.

```

If I try to ssh somewhere, like localhost, it requests passphrase yet again.

If I manually do:

```
eval `ssh-agent`
```

it works, until I close that shell. I thought keychain was supposed to take care of all this for me?

.bashrc and ~/.keychain/$HOST-sh seems to contain reasonable information.

Searching the forums give some similar threads, but nothing exactly like this that solves the problem.

----------

## grimm26

Post the relevant lines in your bashrc.  keychain literally says $USER instead of your userid?  Did you upgrade bash recently?

----------

## AH

No, they don't contain $USER but the content of it.

.bashrc contains:

```
keychain ~/.ssh/id_rsa

. ~/.keychain/$HOSTNAME-sh
```

Bash is:

```
GNU bash, version 3.00.16(1)-release (i686-pc-linux-gnu)
```

I have changed the system quite alot recently, but I don't think anything should affect this. It is only a week old system. Maybe I should try the windows solution by rebooting to get everything old cleared out for sure.

----------

## grassushi

I am having a similar problem.  I've gotten keychain to load when I login as specified user. 

in .bash_profile:

```

keychain id_dsa 

. ~/.keychain/`uname -n`-sh 

```

 It loads my keys fine.  However, the problem is that everytime I open a new aterm, I receive:

```

KeyChain 2.5.4.1; http://www.gentoo.org/proj/en/keychain/

Copyright 2002-2004 Gentoo Foundation; Distributed under the GPL

 * Found existing ssh-agent (10648)

 * Known ssh key: /home/user/.ssh/id_dsa

```

This does not happen when I open up a new xterm, rxvt, or any other terminal than aterm.  

Does anyone know how to fix this?

----------

## masseya

There's a lot of issues here that have remained unsolved for a couple months.  I'm not sure who is still monitoring this thread, but I found it on a (nearly) random search and thought I would check it out.  Here's the rundown on a couple things that might help.

1)  ~/.bash_profile is only sourced on a Login shell.  (~/.bashrc is source on non-login shells, but I also source it in my ~/.bash_profile)  Check out the bash man page for the -l command.  This is where you would want to put things like keygen commands because they produce output to the terminal.  If you add things that produce output to ~/.bashrc, then programs like scp, which are expecting no output for non-login shells, get screwed up.

2)  Various terminals have their own flags to see if they are supposed to open as login shells by default.  In konsole, you can set this in the settings for the various shell options you have.  For things like xterm and aterm will startup as a login shell when launched with the -ls flag.  (Eterm starts as a login shell by default.)  Thus, when you open a "new" aterm window, it really depends on how you are opening it as to whether or not you get a login shell.  For example, if your entry in your Fluxbox menu says that you want to simply execute "xterm" to open a new shell then you will NOT get a login shell by default.  You would need to have a line like this to get a login shell:  [exec] (XTerm White on Black) {xterm -ls -fg white -bg black}

In short, make sure you are starting a shell that will properly source whatever file in which you've decided to put your keychain startup info.  I have the following in my ~/.bash_profile and I have changed my konsole session settings for the "shell" session to execute "bash -l" by default.

```
keychain ~/.ssh/id_dsa

  [[ -f $HOME/.keychain/$HOSTNAME-sh ]] && \

    source $HOME/.keychain/$HOSTNAME-sh

  [[ -f $HOME/.keychain/$HOSTNAME-sh-gpg ]] && \

    source $HOME/.keychain/$HOSTNAME-sh-gpg
```

----------

## Vanquirius

I just had this problem. Turns out that 

/usr/kde/3.5/env/agent-startup.sh

and

/usr/kde/3.5/shutdown/agent-shutdown.sh

got overwritten in my last KDE update.

Uncommenting the relevant lines in those files made keychain work again.

----------

