Bug#231276: ssh: ssh-agent (in command mode) doesn't clean up its socket
Package: ssh
Version: 1:3.4p1-1.woody.3
Severity: wishlist
There are two main modes of using ssh-agent. The first and most
popular is like this :-
$ eval `ssh-agent`
$ ssh-add
[ ... prompts/responses... ]
[ interactive shell session including ssh/scp commands ... ]
$ eval `ssh-agent -k`
The second is like this :-
$ ssh-agent bash
$ ssh-add
[ ... prompts/responses... ]
[ interactive shell session including ssh/scp commands ... ]
$ exit
This can be very useful for running noninteractive programs
(e.g. where there is no passphrase on the ssh identity file).
However, if you use ssh-agent in this way, it fails to clean up its
socket file :-
jay@excession:~$ ssh-agent bash -c 'echo $SSH_AUTH_SOCK'
/tmp/ssh-XXDI6cJc/agent.19852
jay@excession:~$ ssh-agent bash -c 'echo $SSH_AUTH_SOCK'
/tmp/ssh-XXtz469D/agent.19854
jay@excession:~$ ls -d /tmp/ssh*
/tmp/ssh-XXDI6cJc /tmp/ssh-XXqjUjYg /tmp/ssh-XXtz469D
Each of the two invocations of ssh-agent above creates a new socket,
whereas those sockets should have been deleted when the ssh-agent
tasks exited. According to 'fuser', the sockets are no longer in use
(i.e. the associated instance of ssh-agent is indeed dead, rather than
just backgrounded).
-- System Information
Debian Release: 3.0
Kernel Version: Linux excession.spiral-arm.org 2.4.22-physmem-patch2-5um #1 Wed Jan 7 08:40:12 GMT 2004 i686 unknown
Versions of the packages ssh depends on:
ii adduser 3.47 Add and remove users and groups
ii debconf 1.0.32 Debian configuration management system
ii libc6 2.2.5-11.5 GNU C Library: Shared libraries and Timezone
ii libpam-modules 0.72-35 Pluggable Authentication Modules for PAM
ii libpam0g 0.72-35 Pluggable Authentication Modules library
ii libssl0.9.6 0.9.6c-2.woody SSL shared libraries
ii libwrap0 7.6-9 Wietse Venema's TCP wrappers library
ii zlib1g 1.1.4-1.0woody compression library - runtime
--- Begin /etc/pam.d/ssh (modified conffile)
auth required pam_nologin.so
auth required pam_unix.so
auth required pam_env.so # [1]
account required pam_unix.so
session required pam_unix.so
session optional pam_lastlog.so # [1]
session optional pam_motd.so # [1]
session optional pam_mail.so standard noenv # [1]
session required pam_limits.so
password required pam_unix.so md5
--- End /etc/pam.d/ssh
Reply to: