l i n u x - u s e r s - g r o u p - o f - d a v i s
Next Meeting:
July 7: Social gathering
Next Installfest:
Latest News:
Jun. 14: June LUGOD meeting cancelled
Page last updated:
2003 Oct 23 08:57

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] ssh-agent help
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] ssh-agent help

On Thu, Oct 23, 2003 at 07:05:44AM -0700, p@dirac.org wrote:
> trying to understand ssh-agent...
> my understanding is that for ssh-agent to be useful, the process needs
> to be an ancestor of all your login (vc) and non-login (xterm) shells.
It doesn't need to be the ancestor of your shells - it needs to have 
certain environment variables in the shells so that whenever you 
randomly call ssh, ssh can use those environment variables to find out 
how to talk to ssh-agent.

> where should it be run from?

As a result, a good place to start it from is .login (.profile for you 
bash guys) and from .xsession, if that's not running .login or .profile 
first (this assumes you use .xsession).

> login shells source /etc/profile, so when i log into a virtual console
> and type "startx", it should be an ancestor of all my xterms.
> but in my /etc/bash.bashrc, i source /etc/profile.  will that cause
> problems with ssh-agent running separately for each xterm i create?

Even as I described, there is still a problem with this, and that is 
that every virtual console you log into (and I frequently log into three 
or four at a time) will have its own copy of ssh-agent running. The 
keychain package (apt-get install keychain) includes a utility that can 
ensure that a user only has one ssh-agent running. Instead of running 
ssh-agent in your .login, .profile, and .xsession, run the following two 
lines (for tcsh) in those files.

keychain -q ${HOME}/.ssh/id_rsa ${HOME}/.ssh/id_dsa >& /dev/null
source $HOME/.keychain/*-csh

I usually have a GPG digital signature included as an attachment.
See http://www.gnupg.org/ for info about these digital signatures.
My key was last signed 10/14/2003. If you use GPG, *please* see me about 
signing the key. ***** My computer can't give you viruses by email. ***

Attachment: signature.asc
Description: Digital signature

LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
EDGE Tech Corp.
For donating some give-aways for our meetings.