How to replace Gnome Keyring SSH agent?

Hello,

I’m trying to use Bitwarden as my SSH agent on Bluefin, but I’m encountering an issue with Gnome Keyring’s SSH agent, which currently holds that role.

The problem is that Gnome Keyring aggressively sets the SSH_AUTH_SOCK environment variable to its own socket. I’ve attempted to override this using a configuration file in .config/environment.d, but it appears Keyring’s PAM module takes precedence. While I can manually add the SSH_AUTH_SOCK variable to my shell’s profile, this solution doesn’t extend to GUI applications.

Could anyone recommend the best method to either disable Gnome Keyring’s SSH agent specifically, or at least globally set the SSH_AUTH_SOCK to a different socket for the entire user session?

It’s important to note that I do not want to disable Gnome Keyring entirely, as I still rely on it for secret management. My goal is solely to prevent it from acting as an SSH agent.

Thanks in advance for any assistance!

Just a guess, but can you use flatseal to override the env var in the explicit apps where you need the Bitwarden sock setting?

Probably just a more targeted hack, but thought it would be worth mentioning.

I think your goal is the right one. I just don’t know enough about Gnome Keyring to comment on how to disable its SSH Agent role.

I didn’t know you could do that with flatseal. I will keep it in mind. Thank you.

But indeed, it is only a stop-gap measure. Hopefully someone will know how to replace keyring’s ssh agent properly.