LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (http://www.linuxquestions.org/questions/linux-security-4/)
-   -   SSH-agent at startup (http://www.linuxquestions.org/questions/linux-security-4/ssh-agent-at-startup-670141/)

CoffeeKing!!! 09-15-2008 06:49 PM

SSH-agent at startup
 
hi
looking at pstree, i can see that init starts a program called "sh" and then "ssh-agent" after booting.
1)What is "sh"?
2)can I see if "ssh-agent" has stored any passwords? I understand it's supposed to be a secure program but, what if someone had broken into my computer some other way and set their own passwords?

In the interest of security and the fact that I don't use ssh anyway how can I remove these two programs from startup?

David1357 09-15-2008 09:21 PM

Quote:

Originally Posted by CoffeeKing!!! (Post 3281415)
1)What is "sh"?

"sh" is the basic shell. On my Ubuntu 6.10 machine, it is linked to "dash":
Code:

[machine:~]:ls -l $(which sh)
lrwxrwxrwx 1 root root 4 2007-10-18 11:32 /bin/sh -> dash

On my machine, the man page for "sh" and "dash" are the same.

Quote:

Originally Posted by CoffeeKing!!! (Post 3281415)
2)can I see if "ssh-agent" has stored any passwords?

From the man page for ssh-agent:
Code:

ssh-add -l displays the identities currently held by the agent.
Quote:

Originally Posted by CoffeeKing!!! (Post 3281415)
In the interest of security and the fact that I don't use ssh anyway how can I remove these two programs from startup?

"ssh-agent" is being started by your window manager. Look for a file named "Xsession.options" in "/etc/X11". Paired with "ssh-add" it actually increases your security. The only reason to remove these from startup would be to decrease your security.

You should read the man pages for "sh", "ssh-agent", and "ssh-add" before you start doing things that might break your machine.

CoffeeKing!!! 09-15-2008 09:52 PM

Quote:

Originally Posted by David1357 (Post 3281510)
"sh" is the basic shell. On my Ubuntu 6.10 machine, it is linked to "dash":
Code:

[machine:~]:ls -l $(which sh)
lrwxrwxrwx 1 root root 4 2007-10-18 11:32 /bin/sh -> dash

On my machine, the man page for "sh" and "dash" are the same.



From the man page for ssh-agent:
Code:

ssh-add -l displays the identities currently held by the agent.


"ssh-agent" is being started by your window manager. Look for a file named "Xsession.options" in "/etc/X11". Paired with "ssh-add" it actually increases your security. The only reason to remove these from startup would be to decrease your security.

You should read the man pages for "sh", "ssh-agent", and "ssh-add" before you start doing things that might break your machine.

thanks for reminding me what "sh" is.

I don't use ssh so I'm assuming there's no harm in removing ssh-agent from the startup. (unless someone has a good reason why I shouldn't remove it from startup) I'm guessing if I did remove it, that it would be a removal from the Xsession.options file?

unixfool 09-23-2008 10:54 AM

You don't actually need ssh-agent in order to run the ssh service or client. If you aren't going to use ssh-agent, by all means, disable it from starting. It won't even hurt you if you removed it altogether, unless you've other software installed that depends upon it.

I definitely don't have it enabled to start up on my machines and I've only used it from time to time.


All times are GMT -5. The time now is 08:58 AM.