
ssh-agent

Sun Jan 27, 2013 10:07 am

As of now I avoided the problem.
I entered my ssh-key password when needed, and all was fine.

Yak-shaving at its best makes me want to set up ssh-agent.
Yak-shaving? To get a better understanding of ruby-packaging I try to git clone the pkg-ruby-extras repository to have a look at already packaged gems. They use mr. To use mr I need to use ssh-agent (else "mr checkout" will fail).

Right now I do this:
eval `ssh-agent`
cd ~/.ssh
ssh-add name_of_rsa
Now run the ssh command I wanted to run.

That doesn't look like a very sexy solution.
How can such a task be solved in a comfortable manner?
Say: the first time I ssh/sshfs/sftp to a remote, instead of running the command ssh-add will be run, and henceforth I got my ssh-key added to ssh-agent.

Re: ssh-agent

Sun Jan 27, 2013 3:10 pm

You want the script to only add the key if it hasn't already been added?

One way to do that is to use 'ssh-add -l' (lower case L) to show the fingerprints of added keys. You could test for the specific fingerprint of the key in question and prohibit adding it if it's already there, or you could test for the words "The agent has no identities" to initiate adding the key.
Code:
# Add the key only if its fingerprint is not listed by the agent.
if ! ssh-add -l | grep -q "<fingerprint>"; then
    ssh-add /path/to/key
fi

or
Code:
# Add the key only if the agent reports that it holds no keys at all.
if ssh-add -l | grep -q "The agent has no identities"; then
    ssh-add /path/to/key
fi


I guess another way to handle it is to only use the key in the ssh command every time you run it, and don't use ssh-add.
Code:
ssh -i /path/to/key ...

Re: ssh-agent

Sun Jan 27, 2013 3:20 pm

In general I want info on how to deal with the problem.
What programs are there, how are they used?
I only know ssh-agent and ssh-add (and only for short).
The way they are used right now, by me, is anything but comfortable.

But no, I didn't mean:
How to add a key only if it is not added yet.

I meant:
If I run "ssh my-server" and the key is not added, the key shall be added automatically by asking me for the passphrase and adding it.
Something which tests: "I need a ssh-key. Is it added to ssh-agent yet? If no: add it, else just run the command".

Even better would be to log in, and right after login load (at least) the most common keys.

The "eval" is beyond me. It looks like: I run "eval `ssh-agent`" and that works, but only for the actual shell. If I start a new one it breaks ("ssh-add keyname" gives an error. I can kill the old instance and start from scratch).
Is that more clear? I am not sure.

Re: ssh-agent

Sun Jan 27, 2013 3:27 pm

Easiest version of my question:
How and with which tools do you people handle the problem?

Re: ssh-agent

Mon Jan 28, 2013 11:09 am

I gave up the hope to solve this.
Just in case I add some further info.

1)
I use:
eval `ssh-agent`
due to this bug:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=646938
If I simply run:
ssh-agent
I get this error message:
$ ssh-add from-klatsch_rsa
Could not open a connection to your authentication agent.

Though I first get a message which says ssh-agent is started:
$ ssh-agent
SSH_AUTH_SOCK=/tmp/ssh-f7wbGgnYzp1P/agent.5980; export SSH_AUTH_SOCK;
SSH_AGENT_PID=5981; export SSH_AGENT_PID;
echo Agent pid 5981;

2)
If I start ssh-agent with eval, it works.
But if I open another shell, terminal, tty, it doesn't work anymore.
I run
ssh-add name_of_rsa
it gets added without problems, but if I use it I have to enter the password for the ssh-key I just added.
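
The SSH_AUTH_SOCK and SSH_AGENT_PID variables printed by ssh-agent exist only in the shell that ran eval, so the functions below save them to a file and let every later shell, tty or terminal reuse the same agent. This is an added example, not part of the original posts; the file path ~/.ssh/agent.env, the function names and the "<key>.pub" layout are assumptions.

```shell
# Added example. AGENT_ENV is an assumed path; keep it in a directory
# that only you can write to, because its contents are sourced.
AGENT_ENV="${AGENT_ENV:-$HOME/.ssh/agent.env}"

# Exit status of "ssh-add -l": 0 = agent holds keys, 1 = agent reachable
# but empty, 2 = no agent reachable through SSH_AUTH_SOCK.
agent_state() {
    ssh-add -l >/dev/null 2>&1 && rc=0 || rc=$?
    echo "$rc"
}

# Make this shell talk to one shared agent, starting it only if needed.
agent_ensure() {
    # 1. The agent this shell already inherited (e.g. from the tty that ran startx).
    [ "$(agent_state)" -ne 2 ] && return 0
    # 2. The agent recorded by an earlier shell; a stale file falls through.
    if [ -r "$AGENT_ENV" ]; then
        . "$AGENT_ENV" >/dev/null
        [ "$(agent_state)" -ne 2 ] && return 0
    fi
    # 3. Start a new agent and record its variables, owner-readable only.
    (umask 077; ssh-agent -s > "$AGENT_ENV") || return 1
    . "$AGENT_ENV" >/dev/null
}

# Add a key unless the agent already holds it. Assumes the public half is
# stored next to the private key as "<key>.pub".
agent_add_key() {
    key="$1"
    blob=$(cut -d' ' -f2 "$key.pub") || return 1
    [ -n "$blob" ] || return 1
    ssh-add -L 2>/dev/null | grep -qF -- "$blob" || ssh-add "$key"
}

# Usage, e.g. at the end of ~/.profile (key path is a placeholder):
#   agent_ensure && agent_add_key "$HOME/.ssh/name_of_rsa"
```

Passing -t with a number of seconds to ssh-add limits how long the decrypted key stays in the agent.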

Re: ssh-agent

Sat Feb 02, 2013 1:38 pm

Looking at xfce4-settings-manager, session and startup, I see that "policy kit authentication agent" is enabled at the tab autostart.

Now I need to figure out what that is. At first glance it seems to be related.

Re: ssh-agent

Sun Feb 03, 2013 10:51 pm

fsmithred helped me with troubleshooting it (using pstree, if I am correct).

Installing lightdm will solve the problem.
If I then go to a tty I haven't got an agent running either
(not fully perfect),
but it would be a solution.

Instead of running lightdm for nothing, I could also open a terminal on desktop 1, let it run and only use it to do my ssh stuff.

We also ran into dbus-launch, but in the end it led nowhere (still I mention it here, to keep it in mind).

Exactly the reason why I avoided using it: things are happening, and I got no idea why or how (not unusual) but even if I search I can't find any info (the latter is what bugs me. No one can understand every little thing which happens).

Re: ssh-agent

Tue Mar 26, 2013 4:07 am

The last few weeks I have logged into tty1, logged into tty2, ran "eval `ssh-agent`" and "ssh-add path/to/serverkey_rsa", gone back to tty1 and started X. If I had to use keys I used tty2.

But it seems:
If running "eval `ssh-agent`" and "ssh-add path/to/key_rsa" from tty1, then startx from tty1, I can use ssh-agent from the gui.
If I am right, that is a step forward.