[aklug] Re: ssh-agent?

From: Ted Rathkopf <ted@rathkopf.org>
Date: Sun Aug 01 2010 - 19:45:19 AKDT

ssh-agent creates a socket that stores the private keys. The output
from ssh-agent that he cut-pasted was the environment variables to
tell his shell the information about the agent: where the socket is,
and what the pid is.

After you run the agent, you run ssh-add to store your key information
in the agent.

After this is done, when you do an ssh, it gets the key information
from the ssh-agent and passes it to the other end so you don't have to
enter it again.

If you are using X windows, it's handy to edit your .startx or
.xinitrc so that it runs ssh-agent when it starts your session
manager. Then the session manager and all future processes spawned
from it are child processes of the ssh-agent and inherit the
information about the agent, so you don't need to enter your key
information again that session once you've run ssh-add.

On Sun, Aug 1, 2010 at 7:20 PM, Christopher Howard <choward@indicium.us> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Okay... I've used ssh connections with password based authentication,
> and I've used ssh connections with PKI based authentication (upload the
> public key to remote server, no password needed, blah blah blah...)
>
> But I saw somebody do something weird the other day: Instead of using
> 'ssh <hostname>' and then his password, he did this: first he executed
> the command 'ssh-agent', then he executed the output of that command in
> the shell, and then he was able to run 'ssh <hostname>' without typing
> in his password.
>
> I read the ssh-agent MAN page, but it still isn't quite clear to me what
> was going on.
>
> - --
> Christopher Howard
> frigidcode.com
> theologia.indicium.us
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.15 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iEYEARECAAYFAkxWOZYACgkQQ5FLNdi0BcVyzgCeOa7DKI7YLU/8ly2c8wBbKfq1
> gRMAoIAD2EBtb4DXX6I5BSQq3/xgehcI
> =E4Cb
> -----END PGP SIGNATURE-----
> ---------
> To unsubscribe, send email to <aklug-request@aklug.org>
> with 'unsubscribe' in the message body.
>
> 

-- 
- Ted
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Sun Aug 1 19:45:56 2010

This archive was generated by hypermail 2.1.8 : Sun Aug 01 2010 - 19:45:56 AKDT