In KDE Plasma, the KDE Wallet is responsible for securely storing and supplying user credentials to the various KDE applications that request them.
Out of the box, the Solus KDE Plasma Desktop is already configured to use the KDE Wallet PAM module, which unlocks the KDE Wallet on session login.
However, additional configuration is needed to make the KDE Wallet manage SSH key passphrases.
This document assumes that you are familiar with utilising SSH key passphrases.
For more information, see working with SSH key passphrases
SSH_ASKPASS environment variable tells the SSH subsystem which application to use when prompting the user for SSH key passphrases.
On the Solus KDE Plasma Desktop spin,
ksshaskpass is installed out of the box and
SSH_ASKPASS is set to
ksshaskpass in the file
/usr/share/xdg/plasma-workspace/env/50-solus-defaults.sh by default.
The contents of
~/.config/autostart/ssh-add.desktop should reflect the SSH keys you want to manage using the KDE Wallet.
Below is an example of the contents of
[Desktop Entry] Exec=ssh-add -q Name=ssh-add Type=Application
Tip: The above ssh-add.desktop file will only add the default key
~/.ssh/id_rsa. Assuming you have different keys named key1, key2 etc you need to change the above desktop file to
[Desktop Entry] Exec=ssh-add -q ~/.ssh/key1 ~/.ssh/key2 ~/.ssh/key3 Name=ssh-add Type=Application
After logging out and back in, you should now be prompted by the KDE Wallet to input your SSH key passphrases.
KDE Wallet supports automatically unlocking your SSH key passphrases on login.
For this to work, your KDE Wallet password needs to be identical to your login password.