
Re: [RFC] Initialisation of ssh-agent



On Wed, 16 Jul 2003 HdV@DTO.TUDelft.NL wrote:

> I know about /etc/X11/Xsession.options and use-ssh-agent, but most of
> the people that will be reading this are using Solaris, HP-UX and all
> kinds of GNU/Linux distributions, so this must be as portable as
> possible. Of course the above is for OpenSSH, but the same examples are
> given further in the text adapted for use with SSH.com.

Hi,

After reading a lot of stuff on the net I have written some code I think
should work for Bourne Shell and C Shell derivatives. Following are the
examples for OpenSSH. The examples for SSH.com only differ where names
of environment variables and commands are used. I'd appreciate it if you
could comment on them. Undoubtedly they can be improved upon.

As I am not well-versed in [t]csh scripting and because I could not find
any information on defining functions I simply haven't done that. Is it
possible to define functions in the C Shell?

Another thing is the $USER environment variable. On the systems I have
at my disposal (GNU/Linux and Solaris) it is set by login as expected,
but I am not sure if that is the case for other platforms (HP-UX and the
BSDs mainly) too.

Finally there is the output of "ps ux". I use it to verify the PID of
the ssh-agent process. For that I take the value found in the second
column, but I am not sure if "ps ux" will give me that on all/most
unices. Does anyone on the list know?

Thanks for your help.

Grx HdV

P.S. I looked at keychain and I really liked it, but chose not to
introduce a new tool in our environment. That would make getting this
accepted in our organization in the short term all that much harder.

Here's the code for inclusion in ~/.profile:
--------------------------------------------

#!/bin/bash

# File holding the environment settings printed by ssh-agent
AGENT_INFO=~/.ssh/agent.info
# PID of the first ssh-agent owned by $USER (second column of "ps ux")
CURRENT_AGENT_PID=$(ps ux | grep "^$USER" | grep 'ssh-agent' | grep -v 'grep' | head -1 | awk '{print $2}')
TTY=/usr/bin/tty
VERBOSE=1

# Start a new agent, save its settings and load them into this shell
init_agent() {
  # Restrictive umask in a subshell: the file is never readable by others,
  # not even between its creation and the chmod
  (umask 077; ssh-agent > "$AGENT_INFO")
  chmod 0600 "$AGENT_INFO"
  . "$AGENT_INFO"
}

#Set up an SSH Agent session if this is a terminal-session
if $TTY > /dev/null; then
  if [ "$SSH_AGENT_PID" = "" ]; then
    if [ ! -f "$AGENT_INFO" ]; then
      if [ "$VERBOSE" = "1" ]; then
        echo "Initializing SSH Agent..."
      fi
      init_agent
    else
      if [ "$VERBOSE" = "1" ]; then
        echo "Sourcing Agent state from $AGENT_INFO ..."
      fi
      . "$AGENT_INFO"
      if [ "$CURRENT_AGENT_PID" != "$SSH_AGENT_PID" ]; then
        if [ "$VERBOSE" = "1" ]; then
          echo "PID found in $AGENT_INFO differs from current PID, starting new Agent..."
        fi
        init_agent
      fi
    fi
  elif [ "$CURRENT_AGENT_PID" != "$SSH_AGENT_PID" ]; then
    if [ "$VERBOSE" = "1" ]; then
      echo "Value of SSH_AGENT_PID differs from current PID, starting new Agent..."
    fi
    init_agent
  fi
  #Remove cruft from previous sessions
  if [ "$VERBOSE" = "1" ]; then
    echo "Removing all keys from the Agent's memory..."
  fi
  ssh-add -D
  #Load default key
  if [ "$VERBOSE" = "1" ]; then
    echo "Loading default key for $USER..."
  fi
  ssh-add < /dev/null
fi


Here's the code for inclusion in ~/.login:
------------------------------------------

#!/bin/csh

set AGENT_INFO=~/.ssh/agent.info
set CURRENT_AGENT_PID=`ps ux | grep "^$USER" | grep 'ssh-agent' | grep -v 'grep' | head -1 | awk '{print $2}'`
set TTY=/usr/bin/tty
set VERBOSE=1

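#csh aborts on a reference to an undefined variable, so define it first
if ( ! $?SSH_AGENT_PID ) setenv SSH_AGENT_PID ""

#Set up an SSH Agent session if this is a terminal-session
if {( $TTY > /dev/null )} then
  if ( "$SSH_AGENT_PID" == "" ) then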
    if ( ! -f $AGENT_INFO ) then
      if ( "$VERBOSE" == "1" ) echo "Initializing SSH Agent..."
      ssh-agent > $AGENT_INFO
      chmod 0600 $AGENT_INFO
      source $AGENT_INFO
    else
      if ( "$VERBOSE" == "1" ) echo "Sourcing Agent state from $AGENT_INFO ..."
      source $AGENT_INFO
      if ( "$CURRENT_AGENT_PID" != "$SSH_AGENT_PID" ) then
        if ( "$VERBOSE" == "1" ) echo "PID found in $AGENT_INFO differs from current PID, starting new Agent..."
        ssh-agent > $AGENT_INFO
        chmod 0600 $AGENT_INFO
        source $AGENT_INFO
      endif
    endif
  else if ( "$CURRENT_AGENT_PID" != "$SSH_AGENT_PID" ) then
    if ( "$VERBOSE" == "1" ) echo "Value of SSH_AGENT_PID differs from current PID, starting new Agent..."
    ssh-agent > $AGENT_INFO
    chmod 0600 $AGENT_INFO
    source $AGENT_INFO
  endif
  #Remove cruft from previous sessions
  if ( "$VERBOSE" == "1" ) echo "Removing all keys from the Agent's memory..."
  ssh-add -D
  #Load default key
  if ( "$VERBOSE" == "1" ) echo "Loading default key for $USER..."
  ssh-add < /dev/null
endif
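
Added example, not part of the original post: on the question of whether the second column of "ps ux" is portable, the saved state file can be checked without ps at all. The sketch below (check_agent_info and its return codes are hypothetical names) refuses a file that is not owned by the user or is writable by others, extracts the two values with sed rather than sourcing the file, and tests the PID with kill -0. It assumes the Bourne-style output format of OpenSSH's ssh-agent and an id command that supports -u.

```sh
#!/bin/sh
# Added example, not from the original post. check_agent_info is a
# hypothetical helper; it assumes Bourne-style "ssh-agent -s" output.
# Returns: 0 usable (variables exported), 1 file not trustworthy,
#          2 file malformed, 3 agent process gone, 4 socket missing.
check_agent_info() {
  info=$1
  # Regular file only; refuse symlinks.
  [ -f "$info" ] && [ ! -h "$info" ] || return 1
  # Must be owned by the caller and not writable by group or other,
  # otherwise someone else controls which socket we talk to.
  set -- `ls -ln "$info"`
  [ "$3" = "`id -u`" ] || return 1
  case $1 in
    ?????w*|????????w*) return 1 ;;
  esac
  # Extract the two values with sed instead of sourcing the file, so a
  # tampered file cannot run commands in the login shell.
  pid=`sed -n 's/^SSH_AGENT_PID=\([0-9][0-9]*\);.*/\1/p' "$info" | head -n 1`
  sock=`sed -n 's/^SSH_AUTH_SOCK=\([^;]*\);.*/\1/p' "$info" | head -n 1`
  [ -n "$pid" ] && [ -n "$sock" ] || return 2
  # kill -0 sends no signal; it succeeds only for a live process we may signal.
  kill -0 "$pid" 2>/dev/null || return 3
  [ -S "$sock" ] || return 4
  SSH_AGENT_PID=$pid
  SSH_AUTH_SOCK=$sock
  export SSH_AGENT_PID SSH_AUTH_SOCK
  return 0
}

# Constructed sample: a state file naming this shell's PID and a socket
# path that does not exist, so the expected result is 4.
demo_dir=${TMPDIR:-/tmp}/agent-demo.$$
mkdir -m 700 "$demo_dir"
printf 'SSH_AUTH_SOCK=%s; export SSH_AUTH_SOCK;\n' "$demo_dir/agent.sock" > "$demo_dir/agent.info"
printf 'SSH_AGENT_PID=%s; export SSH_AGENT_PID;\n' "$$" >> "$demo_dir/agent.info"
chmod 600 "$demo_dir/agent.info"
rc=0
check_agent_info "$demo_dir/agent.info" || rc=$?
echo "check_agent_info returned $rc"
rm -rf "$demo_dir"
```

kill -0 cannot tell ssh-agent apart from another of the user's processes that has reused the PID; "ssh-add -l" exiting with status 2 is the sign that the agent itself cannot be contacted.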




