The Problem

Today I was setting up a new machine, running Linux Mint 21.1 Xfce, to work on a project with a repository on GitHub. I followed the instructions at GitHub docs for Generating a new SSH key and adding it to the ssh-agent, as I have done when setting up access on other machines. This has worked before on various Ubuntu flavours and Linux Mint versions, but this time I was greeted with an error message when I tried to access the remote repository from a local git repo.

$ git remote show origin
git@github.com: Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights and the repository exists.

Trying to resolve this resulted in a lot of searches on the web, and trying (and undoing) stuff that didn’t work. I won’t go into the details here, because they’re not helpful (and they’re annoying to recount). After many dead-ends, I finally got a clue from this post on the Xfce Forum. In the end, I only had to change one setting.

The Fix

Open “Session and Startup” from the “Settings” menu. On the “Advanced” tab, check “Launch GNOME services on startup.”

Screenshot-1

Session and Startup - Advanced - GNOME services

That will enable gnome-keyring which will handle ssh-agent duties.

After rebooting, and adding the SSH key to the ssh-agent, I opened a terminal in a directory with a local git repository. Running git remote show origin caused the expected behavior. The dialog prompting for the passphrase was shown, and entering the passphrase allowed access to the remote repository on GitHub.

Screenshot-2

Prompt for passphrase working as expected.

Notes

Not the setting I was looking for

While trying things that did not work, I noticed a setting on the Application Autostart tab called SSH Key Agent, which was not checked. I thought that might do the trick, but enabling it did not fix the problem. I returned it to its not-checked state before trying other things.

Screenshot-3

The SSH Key Agent setting.

SSH_AUTH_SOCK

There is an environment variable called SSH_AUTH_SOCK that holds the path of the file socket ssh-agent uses to communicate with other processes. Before applying the fix, the path was a temporary location, so any data stored there would not persist when the machine was restarted.

$ echo $SSH_AUTH_SOCK
/tmp/ssh-XXXXXXDOS77W/agent.1309

After enabling GNOME services, the socket file was under the keyring location.

$ echo $SSH_AUTH_SOCK
/run/user/1000/keyring/ssh