LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 09-15-2008, 06:49 PM   #1
CoffeeKing!!!
Member
 
Registered: Mar 2008
Posts: 117

Rep: Reputation: Disabled
SSH-agent at startup


hi
looking at pstree, i can see that init starts a program called "sh" and then "ssh-agent" after booting.
1)What is "sh"?
2)can I see if "ssh-agent" has stored any passwords? I understand it's supposed to be a secure program but, what if someone had broken into my computer some other way and set their own passwords?

In the interest of security and the fact that I don't use ssh anyway how can I remove these two programs from startup?
 
Old 09-15-2008, 09:21 PM   #2
David1357
Senior Member
 
Registered: Aug 2007
Location: South Carolina, U.S.A.
Distribution: Ubuntu, Fedora Core, Red Hat, SUSE, Gentoo, DSL, coLinux, uClinux
Posts: 1,300
Blog Entries: 1

Rep: Reputation: 107Reputation: 107
Quote:
Originally Posted by CoffeeKing!!! View Post
1)What is "sh"?
"sh" is the basic shell. On my Ubuntu 6.10 machine, it is linked to "dash":
Code:
[machine:~]:ls -l $(which sh)
lrwxrwxrwx 1 root root 4 2007-10-18 11:32 /bin/sh -> dash
On my machine, the man page for "sh" and "dash" are the same.

Quote:
Originally Posted by CoffeeKing!!! View Post
2)can I see if "ssh-agent" has stored any passwords?
From the man page for ssh-agent:
Code:
ssh-add -l displays the identities currently held by the agent.
Quote:
Originally Posted by CoffeeKing!!! View Post
In the interest of security and the fact that I don't use ssh anyway how can I remove these two programs from startup?
"ssh-agent" is being started by your window manager. Look for a file named "Xsession.options" in "/etc/X11". Paired with "ssh-add" it actually increases your security. The only reason to remove these from startup would be to decrease your security.

You should read the man pages for "sh", "ssh-agent", and "ssh-add" before you start doing things that might break your machine.
 
Old 09-15-2008, 09:52 PM   #3
CoffeeKing!!!
Member
 
Registered: Mar 2008
Posts: 117

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by David1357 View Post
"sh" is the basic shell. On my Ubuntu 6.10 machine, it is linked to "dash":
Code:
[machine:~]:ls -l $(which sh)
lrwxrwxrwx 1 root root 4 2007-10-18 11:32 /bin/sh -> dash
On my machine, the man page for "sh" and "dash" are the same.



From the man page for ssh-agent:
Code:
ssh-add -l displays the identities currently held by the agent.


"ssh-agent" is being started by your window manager. Look for a file named "Xsession.options" in "/etc/X11". Paired with "ssh-add" it actually increases your security. The only reason to remove these from startup would be to decrease your security.

You should read the man pages for "sh", "ssh-agent", and "ssh-add" before you start doing things that might break your machine.
thanks for reminding me what "sh" is.

I don't use ssh so I'm assuming there's no harm in removing ssh-agent from the startup. (unless someone has a good reason why I shouldn't remove it from startup) I'm guessing if I did remove it, that it would be a removal from the Xsession.options file?
 
Old 09-23-2008, 10:54 AM   #4
unixfool
Member
 
Registered: May 2005
Location: Northern VA
Distribution: Slackware, Ubuntu, FreeBSD, OpenBSD, OS X
Posts: 781
Blog Entries: 8

Rep: Reputation: 157Reputation: 157
You don't actually need ssh-agent in order to run the ssh service or client. If you aren't going to use ssh-agent, by all means, disable it from starting. It won't even hurt you if you removed it altogether, unless you've other software installed that depends upon it.

I definitely don't have it enabled to start up on my machines and I've only used it from time to time.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
ssh-agent, ssh-add and ssh-keygen AND CVS raylpc Linux - General 2 11-19-2008 02:50 AM
need help with no password ssh and ssh-agent hedpe Linux - Networking 3 02-08-2007 08:49 PM
using ssh-agent Jzarecta Linux - Security 1 01-30-2007 05:28 PM
ssh-agent/ssh-add question mega Slackware 2 01-26-2005 03:09 AM
ssh-agent podollb Linux - Networking 15 10-16-2003 12:51 AM


All times are GMT -5. The time now is 10:37 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration