View previous topic :: View next topic |
Author |
Message |
dripton n00b
Joined: 16 Aug 2002 Posts: 65 Location: Virginia USA
|
Posted: Sun Mar 14, 2004 2:16 pm Post subject: Running ssh-agent and gtk2-ssh-askpass under gdm |
|
|
I assume you already know about ssh keys, and how ssh-agent and ssh-add are used to manage your passphrases, so you only have to type them once per session.
If you only use one console window, you type ssh-agent bash and then you type ssh-add and it all works. (keychain is a bash script to help with this.)
If you boot to runlevel 3 (a text console), and then run ssh-agent bash and ssh-add then startx you'll find that all the child xterms in your X session are children of ssh-agent and everything works well. However, runlevel 3 is ugly, and insecure (without additional configuration) in the typical office environment because anyone who walks up to your machine can ctrl-alt-bs to kill your locked X session and get your ssh-agent-enabled shell prompt. Many people prefer runlevel 5.
So the next question is "How do I set this up to work more conveniently with a graphical login, so I get prompted for my passphrase right after the graphical login and password prompts?" And the answer depends on your distribution and environment. You need to find the right place to insert the ssh-agent and ssh-askpass lines, amidst dozens of X configuration files.
Anyway, with Gentoo and gdm, it's pretty simple:
/etc/X11/gdm/gnomerc
Code: |
startssh=
sshagent=/usr/bin/ssh-agent
gnomesession=/usr/bin/gnome-session
if [ -x $sshagent -a -z "$SSH_AUTH_SOCK" ]; then
startssh=yes
fi
if [ -n "$startssh" ]; then
exec $sshagent -- $gnomesession
else
exec $gnomesession
fi
|
/etc/env.d/99ssh_askpass
Code: |
SSH_ASKPASS=/usr/bin/gtk2-ssh-askpass
|
(I use gdm even though my current desktop is KDE, because gdm has saner configuration files than kdm.) |
|
Back to top |
|
|
revertex l33t
Joined: 23 Apr 2003 Posts: 806
|
Posted: Mon Mar 15, 2004 7:11 pm Post subject: |
|
|
I don't knew gtk2-ssh-askpass, gdm work's "out of box" with x11-ssh-askpass, but gtk2-ssh-askpass is pretty cool! Tanks! |
|
Back to top |
|
|
linux_girl Apprentice
Joined: 12 Sep 2003 Posts: 287
|
Posted: Sat Apr 17, 2004 7:11 pm Post subject: |
|
|
ther is mine : (ssh-keygen with no passphras...)
i alway use fluxbox.
this killall runing ssh-agent then start one and export it to your X sesions. then lunch small app like gaim xmms gkrellm2 and finaly xscrennsaver
Code: |
$cat ~/.fluxbox/startup|grep -v "#"
killall ssh-agent
ssh-agent -k
eval `ssh-agent`
gaim &
xmms &
gkrellm2 -w &
xscreensaver -nosplash &
/home/pbx06/.fluxbox/xterms &
exec /usr/bin/fluxbox
|
this open 5 Eterm with transparency in a 1280x1024 XFree
Code: |
$cat ~/.fluxbox/xterms|grep -v "#"
sleep 5;
Eterm -D 0 --geometry 80x24+0+0 --trans --itrans -e su&
Eterm -D 0 --geometry 80x24+506+0 --trans --itrans &
Eterm -D 0 --geometry 80x24+0+365 --trans --itrans &
Eterm -D 0 --geometry 80x24+506+365 --trans --itrans &
Eterm -D 0 --geometry 120x17+0+732 -e su -c 'tail -f /var/log/messages' --trans --itrans -T 'tail /var/log/messages'&
|
i am wondering if you have some script for ~/.bashrc or ~/.zshrc
to start ssh-agent and add keys in it ?
Cause it is pain full to load it each time i login in one of the sshd-server of the university ie : xterm@home=>sshd1=>sshd2=>sshd3
(we use NFS for sharing our home dir) _________________ |
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|