Store ssh passphrase with kwallet



From the Manjaro forum. Written by Feakster:

https://forum.manjaro.org/t/howto-use-kwallet-as-a-login-keychain-for-storing-ssh-key-passphrases-on-manjaro-arm-kde/115719

Tested and working.

What would be needed is:

sudo pacman -S kwallet ksshaskpass kwalletmanager

The default installation of RebornOS already has everything you need to get started with the steps:

(1). First, we will have to start the ssh agent. To do this, we create a script named ssh-agent, which we will copy in ~/.config/plasma-workspace/env/. The plasma-workspace and env folders will normally not exist, so if so, we create them (ATTENTION: Do not use sudo):

mkdir ~/.config/plasma-workspace
mkdir ~/.config/plasma-workspace/env

Then, create the script:

nano ~/.config/plasma-workspace/env/ssh-agent.sh

Inside copy:

  1. #!/bin/sh
  2. if [ -z "$SSH_AUTH_SOCK" ]; then
  3. eval "$(ssh-agent -s)"
  4. fi

We will have to mark this file as executable:

chmod u+x ~/.config/plasma-workspace/env/ssh-agent.sh

(2). We will have to set the environment variable SSH_ASKPASS. To do this, we create a script named askpass.sh in ~/.config/plasma-workspace/env/:

nano ~/.config/plasma-workspace/env/askpass.sh

Inside copy:

  1. #!/bin/sh
  2. export SSH_ASKPASS='/usr/bin/ksshaskpass'

We mark it as executable:

chmod u+x ~/.config/plasma-workspace/env/askpass.sh

We create a script that starts ssh-add

nano ~/.config/autostart-scripts/ssh-add.sh

And inside we will copy the following text. ATTENTION: instead of key1, key2, key3 (more can be added) we will copy our key (if it is a standard installation, surely its value is id_rsa):

  1. #!/bin/sh
  2. ssh-add -q ~/.ssh/key1 ~/.ssh/key2 ~/.ssh/key3 < /dev/null

Then, we mark the executable file:

chmod u+x ~/.config/autostart-scripts/ssh-add.sh

Now we just have to restart. Once we access KDE, a window will open asking us to enter the passphrase of our ssh key, and a box to check (if we check it, the passphrase is remembered, and in successive reboots or when turning on the computer again, it will not will ask us for the passphrase).

You do not need anything more. The next step that appears in the original publication was not necessary (you can read it in the link shown at the beginning).