OpenSSH keyfile format doesn't play with gnome-keyring daemon

If you use the OpenSSH keyfile format (ssh-keygen -o, or Ed25519 keys) together with gnome-keyring, you may get:

sr4l@Lars-Laptop:~$ ssh user@server
sign_and_send_pubkey: signing failed: agent refused operation
Permission denied (publickey).

This error message cost me a lot of time because on some PCs it works and on others it doesn't. Later I discovered that the problem only occurred if the keys have the default name ~/.ssh/id_rsa. Later I found similar reports leading to the gnome-keyring daemon.

Solutions:

  • Deactivate gnome-keyring entirely
  • Only deactivate the gnome-keyring SSH backend
  • Save your keyfiles with a non-default name and use ssh-add /path/to/file or ~/.ssh/config to use them

A good resource for detailed solutions can be found in the Arch Linux Wiki.
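
To check whether a machine matches the failing combination described above (gnome-keyring as the SSH agent, a default-named key, OpenSSH keyfile format), a small diagnostic can help. This script is an added example, not part of the original post; the socket-path heuristic and the extension from id_rsa to the other default key names are assumptions.

```shell
#!/bin/sh
# Added diagnostic example; not from the original post.

# Assumption (heuristic): gnome-keyring's SSH socket sits in a directory
# whose name starts with "keyring", e.g. /run/user/1000/keyring/ssh.
agent_is_gnome_keyring() {
    case "$1" in
        */keyring*/ssh) return 0 ;;
        *) return 1 ;;
    esac
}

# New-format private keys start with this header line.
is_openssh_format() {
    [ -r "$1" ] || return 1
    [ "$(head -n 1 "$1")" = "-----BEGIN OPENSSH PRIVATE KEY-----" ]
}

# Print each default-named key in directory $1 that uses the new format.
affected_default_keys() {
    for name in id_rsa id_dsa id_ecdsa id_ed25519; do
        if is_openssh_format "$1/$name"; then
            printf '%s\n' "$1/$name"
        fi
    done
}

# Return 0 and list the keys when all three conditions hold.
check_keyring_conflict() {
    sock=$1
    dir=$2
    if ! agent_is_gnome_keyring "$sock"; then
        echo "agent socket does not look like gnome-keyring: ${sock:-unset}"
        return 1
    fi
    keys=$(affected_default_keys "$dir")
    if [ -z "$keys" ]; then
        echo "no default-named OpenSSH-format keys in $dir"
        return 1
    fi
    echo "gnome-keyring agent with default-named OpenSSH-format key(s):"
    echo "$keys"
}

check_keyring_conflict "${SSH_AUTH_SOCK:-}" "${HOME:-.}/.ssh" || true
```

Any key it lists is a candidate for the rename workaround: move it to a non-default name and load it with ssh-add /path/to/file or reference it from ~/.ssh/config.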

Notes for XFCE:

In XFCE gnome-keyring starts automatically if you have "Launch GNOME services on startup" under "Settings > Session and Startup > Advanced" checked. I unchecked it and enabled gnome-keyring by enabling the gnome-keyring pkcs11 and secrets backends in "Settings > Session and Startup > Application Autostart".