View previous topic :: View next topic |
Author |
Message |
jkcunningham l33t
Joined: 28 Apr 2003 Posts: 649 Location: 47.49N 121.79W
|
Posted: Tue Feb 17, 2004 3:49 pm Post subject: Setting up xdm with ssh-agent, keychain to run enlightenment |
|
|
The forums are a bit sparse on this topic and I had to solve this the hard way (trial and error). To save someone that trouble in the future, here's how I made it work:
(1) emerge x11-ssh-askpass
(2) add the line
export XSESSION=enlightenment
to your ~/.bash_profile. Don't forget to take out any call to ssh-agent / keychain you may have had in there from starting via startx.
(3) make the usual designation of window manager to /etc/rc.conf:
DISPLAYMANAGER="xdm"
XSESSION=enlightenment"
The last is the default WM that will launch if a user doesn't set it in their .bash_profile.
(2) In /etc/X11/Sessions/enlightenment:
## This is the way to start ssh-agent with keychain
/usr/bin/keychain ~/.ssh/id_rsa
source ~/.keychain/apollo.olympus.net-sh > /dev/null
## Start up enlightenment
/usr/bin/enlightenment
When you log in you should immediately be prompted for your keychain password(s) before enlightenment comes up.
Part of the difficulty lies in recognizing that ~/.xsession and ~/.xinitrc are neither one ever parsed this way. I don't know why one or the other isn't called.
-Jeff |
|
Back to top |
|
|
ozonator Guru
Joined: 11 Jun 2003 Posts: 591 Location: Ontario, Canada
|
Posted: Wed Feb 18, 2004 2:38 am Post subject: |
|
|
Just curious -- if you've installed ssh-askpass for use with X, why the use of keychain?
I've had no problem getting my ssh identity into ssh-agent for use by a windowing session (including terminals running in it), even from ~/.xsession or ~/.xinitrc. At the beginning of ~/.xsession:
Code: | eval `/usr/bin/ssh-agent`
/usr/bin/ssh-add < /dev/null |
This will prompt me for the passphrase for my id_dsa key. Next in the script, run your windowmanager, programs, etc., as usual in .xsession/.xinitrc. Finally, at the end, to clean up:
Code: | /usr/bin/ssh-agent -k |
Of course, there may be advantages of using keychain for this; the only one I can think of offhand is that my method only holds the passphrase for the X session; does yours also make the passphrase available for connections on virtual consoles or ssh connections? I've only used keychain on machines without a GUI, and now you've got me wondering what I might be missing. |
|
Back to top |
|
|
jkcunningham l33t
Joined: 28 Apr 2003 Posts: 649 Location: 47.49N 121.79W
|
Posted: Thu Feb 19, 2004 3:44 am Post subject: |
|
|
Yes, keychain holds the password below the level of X, so when you log off and back on again, it doesn't ask you for it. Only when you reboot.
But I tried putting the invocation in my ~/.xsession and/or ~/.xinitrc, only they are never being parsed with xdm running. The reason I know this is that I also added lines to them to write to a log. The (X) boot process goes through /etc/X11/xdm/Xsession, to /etc/X11/Sessions/enlightenment to ~/.bash_profile to ~/.bashrc and never touches ~/.xsession or ~/.xinitrc. This contradicts everything I've learned, but that's the way it works.
-Jeff |
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|