Bug#203942: More flexible ssh-agent invocation

To: Francois Gouget <fgouget@free.fr>, 203942@bugs.debian.org
Subject: Bug#203942: More flexible ssh-agent invocation
From: ucko@debian.org (Aaron M. Ucko)
Date: Mon, 04 Aug 2003 20:48:46 -0400
Message-id: <[🔎] udl1xw1kjyp.fsf@multics.mit.edu>
Reply-to: ucko@debian.org (Aaron M. Ucko), 203942@bugs.debian.org
In-reply-to: <[🔎] Pine.LNX.4.44.0308030007100.2852-100000@amboise.dolphin> (Francois Gouget's message of "Sun, 3 Aug 2003 00:07:45 +0200 (CEST)")
References: <[🔎] Pine.LNX.4.44.0308030007100.2852-100000@amboise.dolphin>

Francois Gouget <fgouget@free.fr> writes:

>    'ssh-agent -s' outputs a mini-script that sets the SSH_XXX variables.

I would generally recommend against running it this way; the ssh-agent
process can easily end up outliving your session, which is not
necessarily ideal as far as security goes.  (Yes, other users still
can't talk to it unless they manage to gain access to your account
anyway, but it's probably still best for anything that has your keys
to terminate promptly.)

In particular, note that the system-wide Xsession code ends up
exec-ing REALSTARTUP, which is by no means guaranteed to kill
$SSH_AGENT_PID when done, so most sessions probably will end up
leaving ssh-agent processes behind.

-- 
Aaron M. Ucko, KB1CJC (amu at alum.mit.edu, ucko at debian.org)
Finger amu@monk.mit.edu (NOT a valid e-mail address) for more info.

Reply to:

References:
- Bug#203942: More flexible ssh-agent invocation
  - From: Francois Gouget <fgouget@free.fr>

Prev by Date: Bug#204148: pt_BR.UTF-8 Compose file
Next by Date: Bug#204148: pt_BR.UTF-8 Compose file
Previous by thread: Bug#203942: More flexible ssh-agent invocation
Next by thread: [bsass@edmc.net: xfs-xtt unpurgable]
Index(es):
- Date
- Thread