|
ssh-agent
How can I start an ssh-agent when my system starts and use that agent throughout my session so that all my xterms I start will have that ssh-agent running them?
|
If you are running RH9 then this should be done for you as soon as you are in X. What does ps -ef | grep ssh-agent show you when you are in X?
cheers Jamie... |
You were right I do have a ssh-agent running:
[podollb@Lapdog ~]$ ps -ef | grep ssh-agent podollb 6855 6818 0 15:42 pts/3 00:00:00 grep ssh-agent [podollb@Lapdog ~]$ So I have an agent started, now how would I go about doing a ssh-add to be automatic too? I know I have to enter a passphrase but if I only had to do that on boot that would be great, then all other xterms would be running that agent (correct?) -- so what I am hoping to accomplish is automate the process I normally have to do to get into my server at work, which is: ssh-agent tcsh ssh-add <I type the passphrase> ssh <my_server_at_work> And ideas? |
I was expecting to see ssh-agent having started your window manager. Your ps -ef | grep ssh-agent show that ssh-agent isn't running, it just matched the grep process. I'm not in work until Monday so can't really look until then. But I'm sure it was just in /etc/X11/somehwere. Try grep'ing for ssh-agent in that directory and see what you find.
Sorry that I can't be more specific, it was already setup on my RH9 build out of the box. cheers Jamie... |
[root@Lapdog /home/podollb]# grep -r ssh-agent /etc/X11/
/etc/X11/xinit/xinitrc: [ -x /usr/bin/ssh-agent -a -z "$SSH_AGENT_PID" ] && \ /etc/X11/xinit/xinitrc: exec ssh-agent $HOME/.Xclients || \ /etc/X11/xinit/xinitrc: [ -x /usr/bin/ssh-agent -a -z "$SSH_AGENT_PID" ] && \ /etc/X11/xinit/xinitrc: exec ssh-agent /etc/X11/xinit/Xclients || \ /etc/X11/xdm/Xsession:# is ssh-agent available? /etc/X11/xdm/Xsession:[ -x /usr/bin/ssh-agent ] && SSHAGENT="/usr/bin/ssh-agent" [root@Lapdog /home/podollb]# I guess may have changed that because I use Fluxbox window manager and I just boot right to that without all the other Xsession stuff that RH did for the default wm's (Gnome and KDE) Any suggestions you have for starting an ssh-agent sessions automatically via a script over the next couple days would be much appreciated. |
Do you have an .xinitrc file in your home directory? If this is where fluxbox is being started from then you simply need to put the /usr/bin/ssh-agent line in front of it. If its not being started from there, then you need to track down where it is being started.
cheers Jamie... |
Yep that is where I start it from...
If I add a line to start the ssh-agent will all xterms started after that use that session? And how does the ssh-add come into play to get to my solution. |
Once you are in X you can run ssh-add in any of your xterms and from that point on every process you run under X will have access to your keypair. There is also a way to get ssh-add to use a graphical client to prompt you for you pass phrase at boot time. The directory you grep'ed earlier will contain examples. You need to set two environments one points to the programs that will be used for the pass phrase prompt.
cheers Jamie... |
I have a ssh-agent running but from other xterms if I do a ssh-add it says no agents are defined.
|
So long as ssh-agent has been used to start your window mangaer then all your xterms (so long as they are started by the window manager) should be able to access your keys too. Just to confirm - you changed your .xinitrc so that the last line is something like exec ssh-agetnt windowManager and you have ran ssh-add in just one xterm? At this point you should be able to start another xterm and run ssh-add -l which should list your identities.
cheers Jamie... |
When I start my window manager I store it's pid in a variable wmpid:
/usr/local/bin/fluxbox & wmpid=$! So can I do something like this: ssh-agent /usr/local/bin/fluxbox & wmpid=$! Then later in the file when I start some xterms like this: xterm & They will be run from that agent? Then I just have to manually do the ssh-add and all will be good? |
I think that putting ssh-agent in front of that will result in you storing the pid of ssh-agent rather than the WM but give it a so. Why are you storing the PID our or curiousity? If its to kill the WM then once you are starting it from ssh-agent you will want to kill ssh-agent instead anyway.
Apart from that yeah, spot on - just add the ssh-agent line :) cheers Jamie... |
I just did it that way for no apparant reason, I started the wm as the first thing and then started other things later on in my .xinitrc and then at the end just wait on that wm's pid, but if that ssh-agent never expires I will just wait on that, no big deal.
|
So how do I go about starting the xterms via X programatically.
Now I have the ssh-agent starting my wm and later in my xinitrc file I had started a few xterms but they aren't started frmo the wm so they don't have the ssh-agent associated with them, but you were right any xterm I start from the wm have that association... But I wish I could have a few xterms load up on startup by the wm as to have that association, is that possible? Also just a quick note: Does the ssh-agent ever expire? |
Hi podollb.
I have agood solution for all your ssh problem. Try to use keychain 2.0 from http://www.gentoo.org/proj/en/keychain.xml its very easy to configure and use. and its free under GPL Regards, Gautam Pagedar |
| All times are GMT -5. The time now is 03:02 PM. |