RE: Need help starting the agent.

From: Haan, de, Jan (Jan.de.Haan_at_Essent.nl)
Date: 07/10/03

  • Next message: Dack: "Re: Need help starting the agent." 
    To: "'secureshell@securityfocus.com'" <secureshell@securityfocus.com>
Date: Thu, 10 Jul 2003 07:27:01 +0200

    You don't have the sequence right:

    1) set SSH_ASKPASS globally (= systemwide)

    2) run ssh-agent so that it starts your session and all
       processes you start are its 'children'

    3) from within your session run ssh-add to add all your
       keys to the agent.

    2 working examples, first from CDE:

    ~/.dtprofile:

    export SSH_ASKPASS="/opt/ssh_askpass/bin/x11-ssh-askpass"
    dtstart_session[0]="/usr/local/bin/ssh-agent $DT_BINPATH/dtsession"

    ~/.dt/sessions/sessionetc:

    #!/bin/sh
    /usr/local/bin/ssh-add < /dev/null > /dev/null

    Second example Gnome 2.2 ( ;-) )

    /etc/gdm/Sessions/Gnome:
    Gnome:96:sshagent=/usr/bin/ssh-agent
    Gnome:136:if [ -x $sshagent -a -z "$SSH_AUTH_SOCK" ]; then
    Gnome:141: exec $sshagent -- $gnomesession

    ~/.gnome2/sessionmanual:
     
    [Default]
    num_clients=1
    0,RestartStyleHint=3
    0,Priority=50
    0,RestartCommand=/opt/_scripts/gnome-ssh-askpass

    /opt/_scripts/gnome-ssh-askpass:

    #!/bin/bash
    ssh-add -l>/dev/null
    while [ $? == 1 ]; do
    # ssh-add $HOME/.ssh/identity < /dev/null > /dev/null
       ssh-add < /dev/null > /dev/null
    done

    The 'hanging' of your X client, if you don't get this right,
    is very familiar ;-)

    Sincerely

    J. de Haan.

    -----Oorspronkelijk bericht-----
    Van: Steven W. Orr
    Verzonden: donderdag 10 juli 2003 06:23
    Aan: Haan, de, Jan; secureshell@securityfocus.com
    Onderwerp: Need help starting the agent.

    I'm not sure why this doesn't work, but my X startup hangs up tight as a
    drum.

    I put this before startkde in my .xinitrc

    eval `ssh-agent`
    SSH_ASKPASS=/usr/libexec/openssh/ssh-askpass ssh-add

    So I commented out the whole line that runs ssh-add. I came up but I have
    an SSH_ASKPATH variable set. I have no idea why.

    Can somone tell me exactly what to add to my .xinitrc?

    Also, is there some way that I can autmate the passphrase? I know it may
    not be recommended but it's really what I want here.

    Thanks.

    P.S. I'm in the middle of the ssh book and it's really amazing. Lots of
    good stuff. 

    -- 
-Time flies like the wind. Fruit flies like a banana. Stranger things have -
-happened but none stranger than this. Does your driver's license say Organ
-Donor?Black holes are where God divided by zero. Listen to me! We are all-
-individuals! What if this weren't a hypothetical question?
steveo at syslang.net
  • Next message: Dack: "Re: Need help starting the agent."