[NTLUG:Discuss] ssh, ssh-agent, and ssh-add

MadHat madhat at unspecific.com
Mon Feb 18 09:15:24 CST 2002


There have been a couple of responses, but something I wanted to point
out...  if you run ssh-agent by itself you get a couple of environment
variables echoed to the screen.  When you run it via 'ssh-agent bash' or
'ssh-agent tcsh' it runs those lines and adds these variables into
memory.

The 2 variables are SSH_AUTH_SOCK and SSH_AGENT_PID. Once you get these,
they can be added to any shell you have running, or can be added to your
.profile or .cshrc.  But remember this will only work until you kill that
pid, close that socket and/or kill ssh-agent (yes the same as killing
the pid).

Oh and for those of you who made it, that socket is what can be hijacked
by someone with root (or your userid) access.  They can also use that
socket for authentication; they have to know the right socket name and
the proper PID, but it is possible.

On Sat, 2002-02-16 at 13:31, Tom Woody wrote:
> Just got back from the ssh presentation, and a great one it was... 
> 
> if I run: ssh-agent tcsh
> then run: ssh-add
> type in my passphrase...my key is loaded and I am ready to connect.  My problem is that if I close the window where I have done the agent stuff, then I have to do it all again before I can connect to my hosts again.
> 
> Is there a way to load the agent, and add the keys 1 time and have them be available to workstation, and any subsequent windows that are opened?
> 
> I use ssh so much throughout the day from my Linux workstation to the machines I maintain (using X11) that it's just as much a hassle to type in the passphrase, as it is to type in a password.
> 
> -- 
> Tom Woody
> 
> 
> 
-- 
MadHat at Unspecific.com
gpg --keyserver wwwkeys.us.pgp.net --recv-keys 9DDC3E98
Key fingerprint = E786 7B30 7534 DCC2 94D5  91DE E922 0B21 9DDC 3E98
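
Added example, not part of the original post: a sketch for sh-style shells that saves SSH_AUTH_SOCK and SSH_AGENT_PID to a file so every new shell reuses one agent, and refuses a saved entry whose PID is dead or whose socket is not owned by the current user. The file path AGENT_ENV and the function names are assumptions made for this example.

```shell
#!/bin/sh
# Added example: one ssh-agent shared by every shell through a saved env file.
# AGENT_ENV and the function names are hypothetical, chosen for this sketch.
AGENT_ENV="${AGENT_ENV:-$HOME/.ssh/agent.env}"

# Keep only the two assignments from `ssh-agent -s` output, so the saved file
# holds plain NAME=value lines and never has to be eval'd.
agent_vars() {
    sed -n -e 's/^\(SSH_AUTH_SOCK=[^;]*\);.*/\1/p' \
           -e 's/^\(SSH_AGENT_PID=[0-9]*\);.*/\1/p'
}

# Print the value saved for variable $2 in env file $1.
agent_get() {
    sed -n "s/^$2=//p" "$1"
}

# Succeed only if file $1 names a live PID and a socket owned by this user.
# This rejects stale or foreign entries; it does not stop root or another
# process under the same uid from using the socket, as the post notes.
agent_usable() {
    [ -r "$1" ] || return 1
    sock=$(agent_get "$1" SSH_AUTH_SOCK)
    pid=$(agent_get "$1" SSH_AGENT_PID)
    [ -n "$sock" ] && [ -n "$pid" ] || return 1
    kill -0 "$pid" 2>/dev/null || return 1
    [ -S "$sock" ] && [ -O "$sock" ]
}

# Call from .profile: reuse the saved agent, or start one and record it.
use_agent() {
    if ! agent_usable "$AGENT_ENV"; then
        ( umask 077; ssh-agent -s | agent_vars > "$AGENT_ENV" ) || return 1
    fi
    SSH_AUTH_SOCK=$(agent_get "$AGENT_ENV" SSH_AUTH_SOCK)
    SSH_AGENT_PID=$(agent_get "$AGENT_ENV" SSH_AGENT_PID)
    export SSH_AUTH_SOCK SSH_AGENT_PID
}
```

After use_agent has run in the first shell, run ssh-add once; shells opened later pick up the same agent until it is killed.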




