From owner-freebsd-questions  Sun Jul  9 12:51:50 2000
Delivered-To: freebsd-questions@freebsd.org
Received: from mail2.netcologne.de (mail2.netcologne.de [194.8.194.103])
	by hub.freebsd.org (Postfix) with ESMTP id 3456A37BE8A
	for <questions@FreeBSD.ORG>; Sun,  9 Jul 2000 12:51:44 -0700 (PDT)
	(envelope-from pherman@frenchfries.net)
Received: from bagabeedaboo.security.at12.de (dial-194-8-196-65.netcologne.de [194.8.196.65])
	by mail2.netcologne.de (8.9.3/8.9.3) with ESMTP id VAA08720;
	Sun, 9 Jul 2000 21:51:39 +0200 (MET DST)
Received: from localhost (localhost.security.at12.de [127.0.0.1])
	by bagabeedaboo.security.at12.de (8.10.2/8.10.2) with ESMTP id e69JpS103469;
	Sun, 9 Jul 2000 21:51:28 +0200 (CEST)
Date: Sun, 9 Jul 2000 21:51:28 +0200 (CEST)
From: Paul Herman <pherman@frenchfries.net>
To: Mark Ovens <mark@dogma.freebsd-uk.eu.org>
Cc: questions@FreeBSD.ORG
Subject: Re: Question about the use of ssh-agent(1)
In-Reply-To: <20000709195220.C233@parish>
Message-ID: <Pine.BSF.4.21.0007092134220.2764-100000@bagabeedaboo.security.at12.de>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Sun, 9 Jul 2000, Mark Ovens wrote:

> I've read the manpages for ssh-agent(1) and ssh-add(1) but require
> clarification on a couple of points.
> 
> Is adding:
> 
>    eval `ssh-agent`
>    ssh-add
> 
> to ~/.login {a,the} correct way to start it?

Looks good.  Don't forget "ssh-agent -k" in ~/.logout.

> If I login (as the same user) on more than one ttyv do I need to run
> an ssh-agent on each login?
>
> If not, should the commands in ~/.login be:
> 
>    if (! $SSH_AGENT_PID ) then
>       eval `ssh-agent`
>       ssh-add
>    fi

This would be a good idea anyway in case a login shell gets evoked
somehow from your shell (xterms do this a lot) but it won't help you
when login in on a separate ttyv.  :(

A trick way to do this would be to do something like (sorry for Bourne
notation):

  if [ "x$SSH_AGENT_PID" = "x" ]; then
   if [ -r ~/.ssh-env ]
    then eval < ~/.ssh-env
    else "eval `ssh-agent` > ~/.ssh-env"
   fi
  fi

in ~/.login, and remove ~/.ssh-env in ~/.logout.  The only problem is,
it must only be removed on the *last* logout.  This can be done, but I
don't see an easy way.  This is left as an exercise for the reader.  
:)

Short answer:  as far as I know, not so easy with multiple logins,
unless you just have multiple agents (or empty password...)

-Paul.



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message