
Re: ssh-agent not the mother of all my processes?



On Sat, 13 Sep 2003, Neo wrote:

> 	using debian woody close to a year, still learning every
> day, and running more and more into more difficult to answer
> questions.

I know the feeling }:-)

> 	To propagate the ssh-agent values to all your processes
> it is started as one of your first processes and all your other
> processes are supposed to be started as a child of it. Yet when I
> start a gnome-terminal and track its ancestry through 'ps -ef' I end
> up with process 1 (easier to do with gps, though, but same result)
> without encountering on the way my ssh-agent. Still the environment
> has the ssh environment variables (SSH_AGENT_PID etc.) which work
> perfectly. How does this happen?

As quoted from my SSH pages:

<begin of quote>

SSH Agent can be started in two ways. Using the command

eval `ssh-agent`

will start a shell with ssh-agent running in the background. All other
processes started in that shell subsequently can make use of the
services offered by that Agent. Prior to ending such a session the SSH
Agent must be stopped with

eval `ssh-agent -k`

Failure to do that will mean that the ssh-agent process will just keep
on running in the background. After a couple of sessions a lot of Agents
could be gathered consuming quite a lot of CPU cycles without returning
anything useful for it.

The 'eval' construction is needed because ssh-agent creates some
environment variables that other SSH related processes need to connect
to the Agent. Without using the 'eval' the shell spawning the ssh-agent
process would not be able to interpret those variables in its own
context.

Another method of starting the Agent is to use the command

ssh-agent $SHELL

If ssh-agent is given the path to a shell as an argument it will run in
the foreground and from there spawn a subshell. The rest of that session
will happen in the context of that subshell and upon ending it the Agent
will be stopped as well.

</end of quote>

By default Debian GNU/Linux makes it easy on you by starting an Agent
automatically during the initialization of X if in the file
/etc/X11/Xsession.options the option use-ssh-agent is activated. In that case
something like this is used

REALSTARTUP="$SSHAGENT $SSHAGENTARGS $REALSTARTUP"

Grep for the variable REALSTARTUP in /etc/X11/ and below to see for
yourself what value those variables are supplied with.

As you can see both methods are quite different. Both work just fine,
but your system sees ssh-agent in a different manner depending on how it
was started.

For a full writeup on using SSH Agent see

http://huizen.dto.tudelft.nl/devries/security/ssh2_pubkey_auth_config.html

HTH

Grx HdV
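
The difference between the two start-up methods discussed in this message, as an added example that is not part of the original post: it shows that the agent's variables reach child processes only when its output is eval'ed, and checks whether the agent named in SSH_AGENT_PID is actually an ancestor of the current shell. The function names and the sample agent output (PID, socket path) are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of what `ssh-agent -s` prints; PID and socket path are made up.
SAMPLE_AGENT_OUTPUT='SSH_AUTH_SOCK=/tmp/ssh-EXAMPLE/agent.4242; export SSH_AUTH_SOCK;
SSH_AGENT_PID=4243; export SSH_AGENT_PID;
echo Agent pid 4243;'

# child_sees MODE TEXT: what a child process gets as SSH_AGENT_PID when the
# parent shell either evals the agent's output or merely lets it be printed.
child_sees() {
    ( unset SSH_AUTH_SOCK SSH_AGENT_PID
      case $1 in
          eval)  eval "$2" >/dev/null ;;            # statements run in this shell
          plain) printf '%s\n' "$2" >/dev/null ;;   # only text; nothing is set
      esac
      sh -c 'printf "%s\n" "$SSH_AGENT_PID"' )
}

# ppid_of PID: parent PID, from ps, falling back to /proc where ps cannot do it.
ppid_of() {
    p=$(ps -o ppid= -p "$1" 2>/dev/null | tr -d ' ')
    [ -n "$p" ] || p=$(awk '/^PPid:/ {print $2}' "/proc/$1/status" 2>/dev/null) || p=''
    printf '%s\n' "$p"
}

# is_ancestor ANC PID: succeeds if ANC appears in the parent chain of PID.
is_ancestor() {
    cur=$(ppid_of "$2")
    while [ -n "$cur" ] && [ "$cur" -gt 0 ]; do
        [ "$cur" = "$1" ] && return 0
        cur=$(ppid_of "$cur")
    done
    return 1
}

# agent_relation: how the agent named in the environment relates to this shell.
agent_relation() {
    [ -n "${SSH_AGENT_PID:-}" ] || { echo "no-agent"; return 0; }
    if is_ancestor "$SSH_AGENT_PID" "$$"; then
        echo "ancestor"        # e.g. started as: ssh-agent $SHELL
    else
        echo "not-ancestor"    # e.g. started with eval; only the variables were inherited
    fi
}

agent_relation
```

Run in a terminal, the last line reports which of the two situations that shell is in.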




