Ssh keys problem
Anne Wilson
cannewilson at tiscali.co.uk
Tue Mar 21 11:36:10 UTC 2006
On Tuesday 21 March 2006 11:10, Andy Green wrote:
>
> Did you not mention some things got nuked? If you nuked
> ~/.ssh/known_hosts this is what you could expect.
>
No, it was on the remote box that some things may have got nuked.
~/.ssh/known_hosts is referring to the local box, isn't it?
> No need to be in the dark, find out if it is running, with
>
> ps -Af | grep ssh-agent
>
It was running.
> What I was telling you is that is does not matter is ssh-agent is
> running or not, if the shell you run ssh from does not have the
> environment vars spat out by ssh-agent in it, then ssh will not be able
> to communicate with ssh-agent. One of the magic vars spat out by
> ssh-agent is a randomly-chosen socketname that ssh-agent is listening on
>
> $ ssh-agent
> SSH_AUTH_SOCK=/tmp/ssh-uQXjj14171/agent.14171; export SSH_AUTH_SOCK;
> SSH_AGENT_PID=14172; export SSH_AGENT_PID;
> echo Agent pid 14172;
>
> Notice these are just printed by ssh-agent. You should start ssh-agent
> like this
>
> eval `ssh-agent`
>
> to get the magic environment vars into the current shell. Apparently
> you can stick that in
>
> /etc/X11/xinit/Xclients
>
> and infect the shell used to start your desktop manager with the magic
> vars so all of X (ie, Konsole windows, xterms, etc) can inherit them
> automatically.
>
OK - so something else, somewhere, must have been starting ssh-agent without
those variables. I rebooted, and no longer get the messages I saw before. I
am asked for the password, though, every time I transfer files. There
doesn't seem to be a conf file where you can set the key to remain active for
a specific time, as there is with gpg.
Since the whole point of the exercise was to be able to script unattended
transfers this is obviously a problem. I must be missing something else.
Any pointers?
Anne
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20060321/6bb7bf96/attachment-0001.sig>
More information about the fedora-list
mailing list