FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 01-15-2010, 03:07 PM
Adam Hardy
 
Default ssh-agent, keychain, xsession bash_profile scripting

I've been chasing my tail trying to work this one out following different
examples off the web, but can't sort it out and keep getting the old


"Could not open a connection to your authentication agent."

from ssh-add, and nothing but inaction from keychain.

I know everything has to run as a child of ssh-agent to gain access to its
envvars, but I don't how to achieve this.


keychain id_rsa in my .bash_profile doesn't work, I still have to give ssh my
password for the private key when I use ssh.


I guess I should be setting up the envvars in my bash env somehow when getting
them via 'ssh-agent -s' but I don't know the syntax to do this.


I always boot into a command line and then run startx when I need it, and I
think herein lies the problem - although I can't get it to work on the command
line either with keychain or ssh-add.


Thanks
Adam


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 01-15-2010, 04:00 PM
Jeff D
 
Default ssh-agent, keychain, xsession bash_profile scripting

On Fri, 15 Jan 2010, Adam Hardy wrote:

> I've been chasing my tail trying to work this one out following different
> examples off the web, but can't sort it out and keep getting the old
>
> "Could not open a connection to your authentication agent."
>
> from ssh-add, and nothing but inaction from keychain.
>
> I know everything has to run as a child of ssh-agent to gain access to its
> envvars, but I don't how to achieve this.
>
> keychain id_rsa in my .bash_profile doesn't work, I still have to give ssh my
> password for the private key when I use ssh.
>
> I guess I should be setting up the envvars in my bash env somehow when getting
> them via 'ssh-agent -s' but I don't know the syntax to do this.
>
> I always boot into a command line and then run startx when I need it, and I
> think herein lies the problem - although I can't get it to work on the command
> line either with keychain or ssh-add.
>
> Thanks
> Adam


Hi Adam,

from the command line you can run :

ssh-agent bash
#that starts your agent for that shell, you will need to run that for each
shell you want to have access to your keys
ssh-add -i /path/to/your/key


For X, in /etc/X11/Xsession.options, check and make sure you have
use-ssh-agent in there. That should automatically start your ssh-agent for
your X session. Then from a term you can run something like this:
#!/bin/sh

if ! ps -P $SSH_AGENT_PID ; then
echo " need to run ssh-agent"
exit 0
fi

if ssh-add -l| egrep -i "dsa|rsa" ; then
echo "keys there"
else
echo "need to add .keys"
ssh-add /path/to/id_dsa
fi


--
8 out of 10 Owners who Expressed a Preference said Their Cats Preferred Techno.


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 01-15-2010, 04:11 PM
Adam Hardy
 
Default ssh-agent, keychain, xsession bash_profile scripting

Jeff D on 15/01/10 17:00, wrote:

On Fri, 15 Jan 2010, Adam Hardy wrote:


I've been chasing my tail trying to work this one out following different
examples off the web, but can't sort it out and keep getting the old

"Could not open a connection to your authentication agent."

from ssh-add, and nothing but inaction from keychain.

I know everything has to run as a child of ssh-agent to gain access to its
envvars, but I don't how to achieve this.

keychain id_rsa in my .bash_profile doesn't work, I still have to give ssh my
password for the private key when I use ssh.

I guess I should be setting up the envvars in my bash env somehow when getting
them via 'ssh-agent -s' but I don't know the syntax to do this.

I always boot into a command line and then run startx when I need it, and I
think herein lies the problem - although I can't get it to work on the command
line either with keychain or ssh-add.

Thanks
Adam



Hi Adam,

from the command line you can run :

ssh-agent bash
#that starts your agent for that shell, you will need to run that for each
shell you want to have access to your keys
ssh-add -i /path/to/your/key


For X, in /etc/X11/Xsession.options, check and make sure you have use-ssh-agent in there.

[SNIP]

What I'm trying to do is to get this set up in my .bash_profile so that I only
need to type in my key password once when I log into the machine.


I can't put the two command in my .bash_profile because the 2nd command won't
get executed until the first bash shell exits.


I do have the line in my Xsession.options


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 01-15-2010, 04:31 PM
"Boyd Stephen Smith Jr."
 
Default ssh-agent, keychain, xsession bash_profile scripting

In <4B5092D0.60803@cyberspaceroad.com>, Adam Hardy wrote:
>keychain id_rsa in my .bash_profile doesn't work, I still have to give ssh
> my password for the private key when I use ssh.

I use this for starting the daemons or connecting to existing daemons by
setting environment variables in the current shell:
eval "$(/usr/bin/keychain --eval --quiet --inherit any-once --stop others --
noask --lockwait 0)"

I use this for adding keys to an existing daemon -- it doesn't change the
environment at all:
SSH_KEYS=('id_dsa')
/usr/bin/keychain --inherit any-once --stop others --clear "${SSH_KEYS[@]}"
--
Boyd Stephen Smith Jr. ,= ,-_-. =.
bss@iguanasuicide.net ((_/)o o(\_))
ICQ: 514984 YM/AIM: DaTwinkDaddy `-'(. .)`-'
http://iguanasuicide.net/ \_/
 
Old 01-15-2010, 04:41 PM
Florian Ernst
 
Default ssh-agent, keychain, xsession bash_profile scripting

Hello all,

On Fri, Jan 15, 2010 at 04:07:44PM +0000, Adam Hardy wrote:
> I've been chasing my tail trying to work this one out following
> different examples off the web, but can't sort it out and keep
> getting the old
>
> "Could not open a connection to your authentication agent."
>
> from ssh-add, and nothing but inaction from keychain.
>
> I know everything has to run as a child of ssh-agent to gain access
> to its envvars, but I don't how to achieve this.

I used to have in $HOME/.bashrc:
| AGENT_INFO_FILE=$HOME/.ssh/ssh-agent-info
| if eval `cat "$AGENT_INFO_FILE"` 2> /dev/null &&
| kill -0 $SSH_AGENT_PID 2> /dev/null
| then
| eval `cut -d'=' -f 1 "$AGENT_INFO_FILE" | xargs echo export`
| else
| eval `ssh-agent -t 86400` > /dev/null
| ( echo "SSH_AUTH_SOCK=$SSH_AUTH_SOCK";
| echo "SSH_AGENT_PID=$SSH_AGENT_PID" ) > "$AGENT_INFO_FILE"
| fi

While SSH_AUTH_SOCK is set no agent will be started during X startup as
per /etc/X11/Xsession.d/90x11-common_ssh-agent and the previously
started one will be used. This way the agent will be started only once
per boot and one only needs to ssh-add once for all gettys.

HTH,
Flo
 
Old 01-15-2010, 07:33 PM
T o n g
 
Default ssh-agent, keychain, xsession bash_profile scripting

Thanks Boyd.

On Fri, 15 Jan 2010 11:31:08 -0600, Boyd Stephen Smith Jr. wrote:

> I use this for starting the daemons or connecting to existing daemons by
> setting environment variables in the current shell: eval
> "$(/usr/bin/keychain --eval --quiet --inherit any-once --stop others --
> noask --lockwait 0)"

Do you put it in your .bash_profile?
How do you do with ~/.keychain/${HOST}-sh?

> I use this for adding keys to an existing daemon -- it doesn't change
> the environment at all:
> SSH_KEYS=('id_dsa')
> /usr/bin/keychain --inherit any-once --stop others --clear
> "${SSH_KEYS[@]}"

This is on the command line when you input ssh key, right?
With that '--clear', do you need to input ssh key every time?

Thanks

--
Tong (remove underscore(s) to reply)
http://xpt.sourceforge.net/techdocs/
http://xpt.sourceforge.net/tools/


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 01-15-2010, 08:36 PM
Rob Owens
 
Default ssh-agent, keychain, xsession bash_profile scripting

On Fri, Jan 15, 2010 at 05:11:14PM +0000, Adam Hardy wrote:
> Jeff D on 15/01/10 17:00, wrote:
>> On Fri, 15 Jan 2010, Adam Hardy wrote:
>>
>>> I've been chasing my tail trying to work this one out following different
>>> examples off the web, but can't sort it out and keep getting the old
>>>
>>> "Could not open a connection to your authentication agent."
>>>
>>> from ssh-add, and nothing but inaction from keychain.
>>>
>>> I know everything has to run as a child of ssh-agent to gain access to its
>>> envvars, but I don't how to achieve this.
>>>
>>> keychain id_rsa in my .bash_profile doesn't work, I still have to give ssh my
>>> password for the private key when I use ssh.
>>>
>>> I guess I should be setting up the envvars in my bash env somehow when getting
>>> them via 'ssh-agent -s' but I don't know the syntax to do this.
>>>
>>> I always boot into a command line and then run startx when I need it, and I
>>> think herein lies the problem - although I can't get it to work on the command
>>> line either with keychain or ssh-add.
>>>
>>> Thanks
>>> Adam
>>
>>
>> Hi Adam,
>>
>> from the command line you can run :
>>
>> ssh-agent bash
>> #that starts your agent for that shell, you will need to run that for each
>> shell you want to have access to your keys
>> ssh-add -i /path/to/your/key
>>
>>
>> For X, in /etc/X11/Xsession.options, check and make sure you have
>> use-ssh-agent in there.
> [SNIP]
>
> What I'm trying to do is to get this set up in my .bash_profile so that I
> only need to type in my key password once when I log into the machine.
>
> I can't put the two command in my .bash_profile because the 2nd command
> won't get executed until the first bash shell exits.
>
What about following the first command with: &

Does that work?

-Rob


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 01-15-2010, 08:51 PM
Michael Mohn
 
Default ssh-agent, keychain, xsession bash_profile scripting

Am 15.01.2010 um 22:36:53 schrieb Rob Owens:

> On Fri, Jan 15, 2010 at 05:11:14PM +0000, Adam Hardy wrote:
>> Jeff D on 15/01/10 17:00, wrote:
>>> On Fri, 15 Jan 2010, Adam Hardy wrote:
>>>
>>>> I've been chasing my tail trying to work this one out following different
>>>> examples off the web, but can't sort it out and keep getting the old
>>>>
>>>> "Could not open a connection to your authentication agent."
>>>>
>>>> from ssh-add, and nothing but inaction from keychain.
>>>>
>>>> I know everything has to run as a child of ssh-agent to gain access to its
>>>> envvars, but I don't how to achieve this.
>>>>
>>>> keychain id_rsa in my .bash_profile doesn't work, I still have to give ssh my
>>>> password for the private key when I use ssh.
>>>>
>>>> I guess I should be setting up the envvars in my bash env somehow when getting
>>>> them via 'ssh-agent -s' but I don't know the syntax to do this.
>>>>
>>>> I always boot into a command line and then run startx when I need it, and I
>>>> think herein lies the problem - although I can't get it to work on the command
>>>> line either with keychain or ssh-add.
>>>>
>>>> Thanks
>>>> Adam
>>>
>>>
>>> Hi Adam,
>>>
>>> from the command line you can run :
>>>
>>> ssh-agent bash
>>> #that starts your agent for that shell, you will need to run that for each
>>> shell you want to have access to your keys
>>> ssh-add -i /path/to/your/key
>>>
>>>
>>> For X, in /etc/X11/Xsession.options, check and make sure you have
>>> use-ssh-agent in there.
>> [SNIP]
>>
>> What I'm trying to do is to get this set up in my .bash_profile so that I
>> only need to type in my key password once when I log into the machine.
>>
>> I can't put the two command in my .bash_profile because the 2nd command
>> won't get executed until the first bash shell exits.
>>
> What about following the first command with: &
>
> Does that work?


you should do it this way, i think.

http://mah.everybody.org/docs/ssh


bye,

Michael.

--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 01-15-2010, 09:37 PM
"Boyd Stephen Smith Jr."
 
Default ssh-agent, keychain, xsession bash_profile scripting

On Friday 15 January 2010 14:33:50 T o n g wrote:
> On Fri, 15 Jan 2010 11:31:08 -0600, Boyd Stephen Smith Jr. wrote:
> > I use this for starting the daemons or connecting to existing daemons by
> > setting environment variables in the current shell: eval
> > "$(/usr/bin/keychain --eval --quiet --inherit any-once --stop others --
> > noask --lockwait 0)"
>
> Do you put it in your .bash_profile?
> How do you do with ~/.keychain/${HOST}-sh?

It's in ~/bin/keychain-start.sh which was created by me, and is sourced in my
.zshrc. Before I switched to zsh, it is sourced in my .bashrc.

> > I use this for adding keys to an existing daemon -- it doesn't change
> > the environment at all:
> > SSH_KEYS=('id_dsa')
> > /usr/bin/keychain --inherit any-once --stop others --clear
> > "${SSH_KEYS[@]}"
>
> This is on the command line when you input ssh key, right?

It's in ~/bin/keychain-load.bash which was created by me, and is run by my
.zlogin. Before I switched to zsh, it was run by my .bash_profile. (My
.bash_profile sources my .bashrc near the top.)

> With that '--clear', do you need to input ssh key every time?

Yes.

I have the command for keychain loading in separate files because I also use
them in ~/.kde/env and refer to them from .desktop files in ~/.kde/Autostart
--
Boyd Stephen Smith Jr. ,= ,-_-. =.
bss@iguanasuicide.net ((_/)o o(\_))
ICQ: 514984 YM/AIM: DaTwinkDaddy `-'(. .)`-'
http://iguanasuicide.net/ \_/
 

Thread Tools




All times are GMT. The time now is 07:26 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org