Ubuntu: disable Gnome Keyring SSH Agent (make Ubuntu NOT remember SSH private key passwords)

  1. sudo nano /etc/xdg/autostart/gnome-keyring-ssh.desktop then set

     NoDisplay=false
    
  2. In “Startup Applications”, you will see SSH Key Agent Gnome Keyring: SSH Agent – uncheck this checkbox and click Close.
  3. Reboot Ubuntu and test to be sure that your private key passwords aren’t being remembered (every use of SSH private key will require retyping password).

Ubuntu Gnome Agent remembers SSH private key passwords until you log out. Thus, if someone knows my Ubuntu user password, they would then have access to any SSH private keys I loaded during that session (since last logon).

if gnome-agent still seems to be active

be sure you’re running at least gnome-keyring version 3.10.1-1ubuntu4.2, since some earlier versions (e.g. 3.10.1-1ubuntu4.1) make the process below not take effect (SSH keys still remembered on earlier versions of Gnome Keyring.)

reference

Tags:

Categories:

Updated: