[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: passwordless ssh-login

Am Mi, den 03.12.2003 schrieb Vineet Kumar um 21:32:
> * Joerg Johannes (liste_joerg@gmx.de) [031203 08:08]:
> > Am Di, den 02.12.2003 schrieb Joerg Johannes um 09:25:
> > > I am starting Debian X environment using gdm, but after logging in, I
> > > can't find ssh-agent in ps -ae. Only see it after starting it by hand.
> How are you starting it?  The best way to do this is to start your x
> session "under" ssh-agent; for example, the default debian Xsession
> scripts on my machine have me running "/usr/bin/ssh-agent
> x-window-manager".  Do you have a local ~/.Xsession?  If not, you should
> try to figure out why the system-wide one on your system is not running
> ssh-agent (check /etc/X11/Xsession.options for a line that says
> 'use-ssh-agent').  If so, it's probably just a matter of invoking
> ssh-agent properly in your X session.
Hmmm. I don't have ~/.Xsession, and in /etc/X11/Xsession.option the
"use-ssh-agent" line is present. Still, it is not used.

> Again, how did you run ssh-agent?  Try something like this:
> ssh-agent x-terminal-emulator
> and then try ssh-add from the new terminal window that pops up.  There
> it should work.
Yes, that works. So ssh-agent is at least not broken...

> The reason is that ssh-agent sets up environment
> variables that all of its child processes inherit.  If you're trying to
> use it in some process that doesn't have those variables set up, it's
> just not going to work.
Thank you for this explanation. I'm starting to understand the procedure

> > Maybe related to that: I have tried setting up passwordless login to
> > another machine using the steps mentioned in the micro-howto: Succeeded.
> > I don't have to enter my password any more. Even worse: I have to enter
> > my passPHRASE for the key... Aaargh. Is this because ssh-agent doesn't
> > listen to me?
> Yes, I'd say that this is better, not worse.  You've gotten key-based
> authentication working; now it's just a matter of setting up your agent
> properly.  
I poked around a bit and changed my /etc/gdm/Sessions/Icewm. It now
exec /usr/bin/ssh-agent /usr/bin/icewm
and now it works. But I still don't know why the global Xinitrc is not

> (BTW, in the meantime (until you've gotten your ssh-agent set
> up properly) if you don't want to type a passphrase, you should be able
> to just hit enter and then be prompted for a password instead).
Hehe, good to know -- this saves a lot of typing (the passphrase is ~10
times longer than the password).

> good times,
> Vineet


Gib GATES keine Chance!

Attachment: signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil

Reply to: