GNOME Bugzilla – Bug 772919
SSH_AUTH_SOCK set in gnome-session-wayland though ssh-agent has been disabled
Last modified: 2017-06-21 22:24:10 UTC
Expected outcome: SSH_AUTH_SOCK is unset in wayland-based session if autostart of ssh-agent component of gnome-keyring is disabled. Actual outcome: SSH_AUTH_SOCK is set in wayland-based session though autostart of ssh-agent component of gnome-keyring is disabled. I am running archlinux and recently gnome was upgraded to 3.22.1 with wayland being the default. Similarly to the X-based session i want to disable the ssh-agent component of gnome-keyring, instead using the one provided by openssh. The way this used to work is to copy over /etc/xdg/autostart/gnome-keyring-ssh.desktop to ./config/autostart/gnome-keyring-ssh.desktop and prepending "Hidden=true" to that file. Though the ssh-agent component is indeed not started in both sessions, wayland- and X-based, in a wayland-based session the environment variable SSH_AUTH_SOCK is still being set pointing to a non-existing socket in /run/user/${UID}/keyring/. This overwrites setting the environment variable to something different from e.g. .pam_environment, breaking the use-case of using the ssh-agent provided by openssh instead of the one provided by gnome-keyring.
we had to add a junky workaround a few releases back to fix ssh-agent in wayland due to an ordering problem. You can bypass the workaround with GSM_SKIP_SSH_AGENT_WORKAROUND=1 in your environment. I think these days we don't need the workaround, so I should probably remove it. I'll use this bug to track removal of the workaround.
Created attachment 354067 [details] [review] Remove the code path forcing SSH_AUTH_SOCK to be set I ran into this issue as well. This patch (which is trivial) just removes the code path. Apparently the upstream bug #738205 is fixed, so I don't think the code path is necessary. I have confirmed that this fixes the problem for me.