Keychain problems

From: Fergus Wilde (fwilde_at_chethams.org.uk)
Date: 06/26/03

  • Next message: Van Dooren, Damian: "RE: Securing ssh tunnels." 
    To: secureshell@securityfocus.com
Date: Thu, 26 Jun 2003 12:25:52 +0100

    Hello all,

    I'm trying to get D. Robbins' keychain working on a SuSE 8.2 machine, and not
    managing it.

    I'm following Robbins article at:

    http://www-106.ibm.com/developerworks/linux/library/l-keyc2/?open&l=252,t=grl,p=ossh2

    ssh is correctly set up, the dsa and rsa keys work, and conventional set-up of
    ssh-agent with ssh-add for the keys leads to successful passwordless logins
    on the remote machines.

    I am starting keychain from .bash_profile using Robbins' script:

    #!/bin/bash
    #on this next line, we start keychain and point it to the private keys that
    #we'd like it to cache
    /usr/bin/keychain ~/.ssh/id_rsa ~/.ssh/id_dsa
    source ~/.ssh-agent > /dev/null
    #sourcing ~/.bashrc is a good thing
    source ~/.bashrc

    And the machine is indeed reading this and acting on it. I am asked for the
    passphrases ok, and things appear to have worked, an instance of ssh-agent is
    started, but when an attempt is made to log in to remote machines the
    passphrase is invariably asked for again. I need to use rsync over ssh as a
    cron job to do mirroring, so manually entering the phrase is no good - of
    course that's where keychain comes in.

    Keychain is supposed to write to the file .ssh-agent, but this file is not
    created; creating it empty with touch just leaves it sitting their empty,
    keychain isn't writing to it.

    Anyone have any clues? I am not keen on the null passphrase key approach ...
    Best
    Fergus 

    -- 
Fergus Wilde
Chetham's Library
Long Millgate
Manchester
M3  1SB
Tel: +44 161 834 7961
Fax: +44 161 839 5797
http://www.chethams.org.uk
  • Next message: Van Dooren, Damian: "RE: Securing ssh tunnels."

    Relevant Pages

    • Re: Keychain problems
      ... On Thursday 26 June 2003 12:25, Fergus Wilde wrote: ... > Keychain is supposed to write to the file .ssh-agent, ... Daniel Robbins script to be inserted in ...
      (SSH)
    • ssh-add, ssh-agent, OS X keychain
      ... I have been at this long far too long, hopefully someone more familiar with ssh and how it interacts with OS X and the OS X keychain will be able to point me in the right direction. ... However, no command I seem to issue will reset ssh-agent back to the same state it was in pre boot, or just after a user login. ... Secure password entry form, not the unlock keychain form, asking me if I again want to save a password that already exists in the OS X keychain. ...
      (SSH)
    • Re: ssh-agent without graphical display manager? how?
      ... But when I log in this way, it appears that ssh-agent is ... I use the "keychain" package plus these scripts and snippets to start and ... interactivity. ... # regularly times out keys. ...
      (Debian-User)
    • Keychain works on tty, but not in Gnome
      ... I use Keychain to cache my GPG key in order to ssh to various machines ... and requests the passphrase for the key I want to ...
      (Fedora)
    • Re: Keychain problems
      ... >> keychain isn't writing to it. ... >> Anyone have any clues? ... invoked, loading the keys at the first shell invocation after boot, and each ... shell invocation is properly configured to access that one agent. ...
      (SSH)