After some digging, I was able to figure out the problem. I actually have multiple keys. In Kwallet, I noticed that one of them has the wrong passphrase. So looks like I put the passphrase of Key X...
#1: Initial revision copy link
After some digging, I was able to figure out the problem. I actually have multiple keys. In Kwallet, I noticed that one of them has the wrong passphrase. So looks like I put the passphrase of Key X for both keys X and Y, and now Y is failing (because that's the wrong passphrase). It looks like Kwallet decided to remember this and never ask me, while ssh-agent kept silently failing to unlock and never telling me. Re-adding the key with correct passphrase didn't help because it kept getting the wrong passphrase from Kwallet. To help future readers, I would recommend troubleshooting like so: 1. Check how many SSH agents are running: `pgrep ssh` * If any are running, it's better to kill them all with `pkill ssh` so you can start fresh * You can do it with `env | rg ssh` 2. Check the environment variables are set. When you run `ssh-agent`, it will print some commands that are meant to be sourced by a shell. These set the envars `SSH_AGENT_PID` and `SSH_AUTH_SOCK`. Of course their values will change at every run of `ssh-agent`, so it is better to do `ssh-agent > ~/.ssh/ssh-agent.env` and then source the .env file, so that you can also inspect it later. * `SSH_AGENT_PID` must match the actual PID from `pgrep ssh` * The file in `SSH_AUTH_SOCK` must exist 3. Check that keys are added. `ssh-add -l` will show currently cached keys. `ssh-add /path/to/key` will add a key. * The key you want must be present. 4. Check the cached passphrase. When adding keys, the agent should ask you for a passphrase in a manner determined by the envars `SSH_ASKPASS` and `SSH_ASKPASS_REQUIRE`. These are sometimes set to various password managers. For example, `SSH_ASKPASS=$(which ksshaskpass)` with kwallet installed allows you to check "remember password" when entering your passphrase. If a credential store is configured with these envars, open that store and see if you can find anything about the keys. It is sometimes useful to delete the saved SSH key passphrases from this store, so that it forces you to enter it again next time you do `ssh-add`. This will eliminate the possibility of an incorrect passphrase like I describe in the beginning of my post.