Allowing xfce4-session to use external ssh-agent

Ivan Kabaivanov ivan.kabaivanov at
Sun Nov 19 19:05:44 CET 2017

-----Original message-----
From: Yves-Alexis Perez <corsac at>
Sent: Sunday, November 19, 2017 7:46 PM
To: Xfce development list <xfce4-dev at>
Subject: Re: Allowing xfce4-session to use external ssh-agent

On Sun, 2017-11-19 at 02:51 +0200, Ivan Kabaivanov wrote:
> xfconf-query -c xfce4-session -p /startup/ssh-agent/external -n -t string -s
> true
> xfconf-query -c xfce4-session -p /startup/ssh-agent/external_socket -n -t
> string -s PATH_TO_SSH_SOCKET

What if you just set:

xfconf-query -c xfce4-session -p /startup/ssh-agent/enabled

Afaict it works just fine here (ssh-agent is gpg-agent here, so not managed by

Unfortunately this will not work as xfce will not be aware of the existing ssh-agent socket and will not export SSH_AUTH_SOCK to apps started within the xfce4-session.

Right now we have three options:

1) Disable both ssh-agent and pgp-agent -- in this case SSH_AUTH_SOCK will be undefined and apps looking for it will not use the manually started ssh-agent (or pgp-agent for that matter)

2) Enable ssh-agent and it will be used even if pgp-agent is enabled -- only apps started within xfce will be able to use ssh-agent

3) Enable pgp-agent and disable ssh-agent -- only apps started within xfce will be able to use ssh-agent

What I'm proposing is a fourth option -- "attach" xfce4-session to an existing ssh-agent socket and export SSH_AUTH_SOCK to all apps within the xfce4-session.  Non-xfce apps will also see SSH_AUTH_SOCK as we export it via .bashrc (or whatever you prefer, systemd user unit, custom script, etc).

Full disclosure: I'm using LFS (Linux From Scratch) so I suspect major distros probably have a workaround to expose the same SSH_AUTH_SOCK to both xfce and non-xfce apps.



Xfce4-dev mailing list
Xfce4-dev at
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Xfce4-dev mailing list