Gentoo Forums
keychain and ssh-agent requests passphrase on all new shells

AH
n00b

Joined: 11 Jun 2004
Posts: 32

Posted: Mon Aug 08, 2005 10:41 pm    Post subject: keychain and ssh-agent requests passphrase on all new shells

Suddenly (that is, I don't think I have made any changes relevant to this) keychain doesn't seem to work. New shells are missing SSH_AGENT_PID and SSH_AUTH_SOCK.

If I kill all ssh-agent processes and start a new shell I get to enter my passphrase for the identity I have defined:
Code:
 * Adding 1 ssh key(s)...
Enter passphrase for /home/$USER/.ssh/id_rsa:
Identity added: /home/$USER/.ssh/id_rsa (/home/$USER/.ssh/id_rsa)

But:
Code:
env | grep ssh
CVS_RSH=ssh

This of course gives:
Code:
ssh-add -l
Could not open a connection to your authentication agent.

If I try to ssh somewhere, like localhost, it requests the passphrase yet again.
If I manually do:
Code:
eval `ssh-agent`

it works, until I close that shell. I thought keychain was supposed to take care of all this for me?
.bashrc and ~/.keychain/$HOST-sh seem to contain reasonable information.

Searching the forums gives some similar threads, but nothing exactly like this that solves the problem.

grimm26
Guru

Joined: 23 May 2004
Posts: 313
Location: Chicagoland, IL

Posted: Mon Aug 08, 2005 11:10 pm

Post the relevant lines in your bashrc. keychain literally says $USER instead of your userid? Did you upgrade bash recently?
_________________
"Blessed is he who finds happiness in his own foolishness, for he will always be happy".

AH
n00b

Joined: 11 Jun 2004
Posts: 32

Posted: Mon Aug 08, 2005 11:24 pm

No, they don't contain $USER but the content of it.
.bashrc contains:
Code:
keychain ~/.ssh/id_rsa
. ~/.keychain/$HOSTNAME-sh

Bash is:
Code:
GNU bash, version 3.00.16(1)-release (i686-pc-linux-gnu)

I have changed the system quite a lot recently, but I don't think anything should affect this. It is only a week old system. Maybe I should try the windows solution by rebooting to get everything old cleared out for sure.

grassushi
n00b

Joined: 11 Feb 2005
Posts: 54

Posted: Tue Sep 06, 2005 5:00 pm

I am having a similar problem. I've gotten keychain to load when I log in as the specified user.

In .bash_profile:
Code:

keychain id_dsa
. ~/.keychain/`uname -n`-sh


It loads my keys fine. However, the problem is that every time I open a new aterm, I receive:

Code:

KeyChain 2.5.4.1; http://www.gentoo.org/proj/en/keychain/
Copyright 2002-2004 Gentoo Foundation; Distributed under the GPL

 * Found existing ssh-agent (10648)
 * Known ssh key: /home/user/.ssh/id_dsa


This does not happen when I open up a new xterm, rxvt, or any other terminal than aterm.

Does anyone know how to fix this?

masseya
Bodhisattva

Joined: 17 Apr 2002
Posts: 2602
Location: Baltimore, MD

Posted: Fri Nov 18, 2005 9:52 pm

There are a lot of issues here that have remained unsolved for a couple of months. I'm not sure who is still monitoring this thread, but I found it on a (nearly) random search and thought I would check it out. Here's the rundown on a couple of things that might help.

1) ~/.bash_profile is only sourced on a login shell. (~/.bashrc is sourced on non-login shells, but I also source it in my ~/.bash_profile.) Check out the bash man page for the -l command. This is where you would want to put things like keygen commands because they produce output to the terminal. If you add things that produce output to ~/.bashrc, then programs like scp, which are expecting no output for non-login shells, get screwed up.

2) Various terminals have their own flags to see if they are supposed to open as login shells by default. In konsole, you can set this in the settings for the various shell options you have. Things like xterm and aterm will start up as a login shell when launched with the -ls flag. (Eterm starts as a login shell by default.) Thus, when you open a "new" aterm window, it really depends on how you are opening it as to whether or not you get a login shell. For example, if your entry in your Fluxbox menu says that you want to simply execute "xterm" to open a new shell then you will NOT get a login shell by default. You would need to have a line like this to get a login shell: [exec] (XTerm White on Black) {xterm -ls -fg white -bg black}

In short, make sure you are starting a shell that will properly source whatever file in which you've decided to put your keychain startup info. I have the following in my ~/.bash_profile and I have changed my konsole session settings for the "shell" session to execute "bash -l" by default.

Code:
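# Start (or reuse) the agent and load the key
keychain ~/.ssh/id_dsa
# Import the agent variables keychain saved for this host, if present
[[ -f "$HOME/.keychain/$HOSTNAME-sh" ]] && \
  source "$HOME/.keychain/$HOSTNAME-sh"
[[ -f "$HOME/.keychain/$HOSTNAME-sh-gpg" ]] && \
  source "$HOME/.keychain/$HOSTNAME-sh-gpg"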

_________________
if i never try anything, i never learn anything..
if i never take a risk, i stay where i am..
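
Added example (not part of any post in this thread): a ~/.bashrc fragment that applies the points above by running keychain only in interactive shells, sourcing the saved agent variables silently in every shell, and reporting why a shell has no usable agent. The names `load_agent_env`, `agent_status` and `KEYCHAIN_DIR` are hypothetical; the `~/.keychain/<host>-sh` file name and the key path are the ones quoted in the posts.

```shell
# Added example for ~/.bashrc. Function names and KEYCHAIN_DIR are hypothetical.
KEYCHAIN_DIR="${KEYCHAIN_DIR:-$HOME/.keychain}"

# Source the agent variables keychain saved for host $2 under directory $1.
# Returns 0 = agent socket is live, 1 = no env file, 2 = file found but socket gone.
load_agent_env() {
    _kc_file="$1/$2-sh"
    [ -f "$_kc_file" ] || return 1
    . "$_kc_file"
    [ -n "${SSH_AUTH_SOCK:-}" ] && [ -S "$SSH_AUTH_SOCK" ] || return 2
    return 0
}

# Print a one-word diagnosis for the same check.
agent_status() {
    load_agent_env "$1" "$2" && _kc_rc=0 || _kc_rc=$?
    case $_kc_rc in
        0) echo "ok" ;;
        1) echo "missing-env-file" ;;   # wrong host name in the file name?
        2) echo "stale-socket" ;;       # agent was killed after the file was written
    esac
}

# $HOSTNAME is set by bash; fall back to uname -n in other shells.
_kc_host="${HOSTNAME:-$(uname -n)}"

# keychain prints to the terminal and may prompt, so run it only in
# interactive shells; scp and other non-interactive sessions stay silent.
case $- in
    *i*)
        if command -v keychain >/dev/null 2>&1; then
            keychain --quiet "$HOME/.ssh/id_rsa"   # key path as in the first post
        fi
        ;;
esac

# Every shell, interactive or not, picks up the saved agent variables quietly.
load_agent_env "$KEYCHAIN_DIR" "$_kc_host" || true
```

Running `agent_status ~/.keychain "$(uname -n)"` in a shell that keeps asking for the passphrase shows which of the three cases applies.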

Vanquirius
Retired Dev

Joined: 14 Jun 2002
Posts: 1297
Location: Ethereal plains

Posted: Sun Feb 05, 2006 2:54 am

I just had this problem. Turns out that

/usr/kde/3.5/env/agent-startup.sh
and
/usr/kde/3.5/shutdown/agent-shutdown.sh

got overwritten in my last KDE update.
Uncommenting the relevant lines in those files made keychain work again.
_________________
Hello.

All times are GMT