LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
LinkBack Search this Thread
Old 10-14-2003, 02:17 AM   #1
podollb
Member
 
Registered: Oct 2003
Location: Grand Forks, ND
Distribution: Suse/Slackware/RH
Posts: 161

Rep: Reputation: 30
ssh-agent


How can I start an ssh-agent when my system starts and use that agent throughout my session so that all my xterms I start will have that ssh-agent running them?
 
Old 10-14-2003, 02:27 PM   #2
jharris
Senior Member
 
Registered: May 2001
Location: Bristol, UK
Distribution: Slackware, Fedora, RHES
Posts: 2,243

Rep: Reputation: 46
If you are running RH9 then this should be done for you as soon as you are in X. What does ps -ef | grep ssh-agent show you when you are in X?

cheers

Jamie...
 
Old 10-14-2003, 03:43 PM   #3
podollb
Member
 
Registered: Oct 2003
Location: Grand Forks, ND
Distribution: Suse/Slackware/RH
Posts: 161

Original Poster
Rep: Reputation: 30
You were right I do have a ssh-agent running:

[podollb@Lapdog ~]$ ps -ef | grep ssh-agent
podollb 6855 6818 0 15:42 pts/3 00:00:00 grep ssh-agent
[podollb@Lapdog ~]$

So I have an agent started, now how would I go about doing a ssh-add to be automatic too? I know I have to enter a passphrase but if I only had to do that on boot that would be great, then all other xterms would be running that agent (correct?) -- so what I am hoping to accomplish is automate the process I normally have to do to get into my server at work, which is:

ssh-agent tcsh
ssh-add
<I type the passphrase>
ssh <my_server_at_work>

And ideas?
 
Old 10-14-2003, 04:12 PM   #4
jharris
Senior Member
 
Registered: May 2001
Location: Bristol, UK
Distribution: Slackware, Fedora, RHES
Posts: 2,243

Rep: Reputation: 46
I was expecting to see ssh-agent having started your window manager. Your ps -ef | grep ssh-agent show that ssh-agent isn't running, it just matched the grep process. I'm not in work until Monday so can't really look until then. But I'm sure it was just in /etc/X11/somehwere. Try grep'ing for ssh-agent in that directory and see what you find.

Sorry that I can't be more specific, it was already setup on my RH9 build out of the box.

cheers

Jamie...
 
Old 10-14-2003, 04:19 PM   #5
podollb
Member
 
Registered: Oct 2003
Location: Grand Forks, ND
Distribution: Suse/Slackware/RH
Posts: 161

Original Poster
Rep: Reputation: 30
[root@Lapdog /home/podollb]# grep -r ssh-agent /etc/X11/
/etc/X11/xinit/xinitrc: [ -x /usr/bin/ssh-agent -a -z "$SSH_AGENT_PID" ] && \
/etc/X11/xinit/xinitrc: exec ssh-agent $HOME/.Xclients || \
/etc/X11/xinit/xinitrc: [ -x /usr/bin/ssh-agent -a -z "$SSH_AGENT_PID" ] && \
/etc/X11/xinit/xinitrc: exec ssh-agent /etc/X11/xinit/Xclients || \
/etc/X11/xdm/Xsession:# is ssh-agent available?
/etc/X11/xdm/Xsession:[ -x /usr/bin/ssh-agent ] && SSHAGENT="/usr/bin/ssh-agent"
[root@Lapdog /home/podollb]#

I guess may have changed that because I use Fluxbox window manager and I just boot right to that without all the other Xsession stuff that RH did for the default wm's (Gnome and KDE)

Any suggestions you have for starting an ssh-agent sessions automatically via a script over the next couple days would be much appreciated.
 
Old 10-14-2003, 04:28 PM   #6
jharris
Senior Member
 
Registered: May 2001
Location: Bristol, UK
Distribution: Slackware, Fedora, RHES
Posts: 2,243

Rep: Reputation: 46
Do you have an .xinitrc file in your home directory? If this is where fluxbox is being started from then you simply need to put the /usr/bin/ssh-agent line in front of it. If its not being started from there, then you need to track down where it is being started.

cheers

Jamie...
 
Old 10-14-2003, 04:40 PM   #7
podollb
Member
 
Registered: Oct 2003
Location: Grand Forks, ND
Distribution: Suse/Slackware/RH
Posts: 161

Original Poster
Rep: Reputation: 30
Yep that is where I start it from...
If I add a line to start the ssh-agent will all xterms started after that use that session?
And how does the ssh-add come into play to get to my solution.
 
Old 10-14-2003, 04:52 PM   #8
jharris
Senior Member
 
Registered: May 2001
Location: Bristol, UK
Distribution: Slackware, Fedora, RHES
Posts: 2,243

Rep: Reputation: 46
Once you are in X you can run ssh-add in any of your xterms and from that point on every process you run under X will have access to your keypair. There is also a way to get ssh-add to use a graphical client to prompt you for you pass phrase at boot time. The directory you grep'ed earlier will contain examples. You need to set two environments one points to the programs that will be used for the pass phrase prompt.

cheers

Jamie...
 
Old 10-15-2003, 12:55 AM   #9
podollb
Member
 
Registered: Oct 2003
Location: Grand Forks, ND
Distribution: Suse/Slackware/RH
Posts: 161

Original Poster
Rep: Reputation: 30
I have a ssh-agent running but from other xterms if I do a ssh-add it says no agents are defined.
 
Old 10-15-2003, 01:59 AM   #10
jharris
Senior Member
 
Registered: May 2001
Location: Bristol, UK
Distribution: Slackware, Fedora, RHES
Posts: 2,243

Rep: Reputation: 46
So long as ssh-agent has been used to start your window mangaer then all your xterms (so long as they are started by the window manager) should be able to access your keys too. Just to confirm - you changed your .xinitrc so that the last line is something like exec ssh-agetnt windowManager and you have ran ssh-add in just one xterm? At this point you should be able to start another xterm and run ssh-add -l which should list your identities.

cheers

Jamie...
 
Old 10-15-2003, 02:07 AM   #11
podollb
Member
 
Registered: Oct 2003
Location: Grand Forks, ND
Distribution: Suse/Slackware/RH
Posts: 161

Original Poster
Rep: Reputation: 30
When I start my window manager I store it's pid in a variable wmpid:
/usr/local/bin/fluxbox & wmpid=$!

So can I do something like this:
ssh-agent /usr/local/bin/fluxbox & wmpid=$!

Then later in the file when I start some xterms like this:
xterm &

They will be run from that agent?

Then I just have to manually do the ssh-add and all will be good?
 
Old 10-15-2003, 02:13 AM   #12
jharris
Senior Member
 
Registered: May 2001
Location: Bristol, UK
Distribution: Slackware, Fedora, RHES
Posts: 2,243

Rep: Reputation: 46
I think that putting ssh-agent in front of that will result in you storing the pid of ssh-agent rather than the WM but give it a so. Why are you storing the PID our or curiousity? If its to kill the WM then once you are starting it from ssh-agent you will want to kill ssh-agent instead anyway.

Apart from that yeah, spot on - just add the ssh-agent line

cheers

Jamie...
 
Old 10-15-2003, 02:16 AM   #13
podollb
Member
 
Registered: Oct 2003
Location: Grand Forks, ND
Distribution: Suse/Slackware/RH
Posts: 161

Original Poster
Rep: Reputation: 30
I just did it that way for no apparant reason, I started the wm as the first thing and then started other things later on in my .xinitrc and then at the end just wait on that wm's pid, but if that ssh-agent never expires I will just wait on that, no big deal.
 
Old 10-15-2003, 01:49 PM   #14
podollb
Member
 
Registered: Oct 2003
Location: Grand Forks, ND
Distribution: Suse/Slackware/RH
Posts: 161

Original Poster
Rep: Reputation: 30
So how do I go about starting the xterms via X programatically.
Now I have the ssh-agent starting my wm and later in my xinitrc file I had started a few xterms but they aren't started frmo the wm so they don't have the ssh-agent associated with them, but you were right any xterm I start from the wm have that association... But I wish I could have a few xterms load up on startup by the wm as to have that association, is that possible? Also just a quick note: Does the ssh-agent ever expire?
 
Old 10-16-2003, 12:26 AM   #15
gpagedar
LQ Newbie
 
Registered: Sep 2003
Posts: 11

Rep: Reputation: 0
Hi podollb.

I have agood solution for all your ssh problem. Try to use keychain 2.0 from http://www.gentoo.org/proj/en/keychain.xml
its very easy to configure and use. and its free under GPL

Regards,
Gautam Pagedar
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
ssh-agent, ssh-add and ssh-keygen AND CVS raylpc Linux - General 2 11-19-2008 02:50 AM
ssh-agent overload nifflerX Linux - Networking 0 10-07-2005 11:29 AM
ssh-agent/ssh-add question mega Slackware 2 01-26-2005 03:09 AM
ssh-agent alaios Linux - Security 5 05-02-2004 11:24 AM
Getting ssh-agent to work.. Sonny Linux - Security 16 01-25-2002 06:57 PM


All times are GMT -5. The time now is 02:59 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration