Zsh Mailing List Archive
Messages sorted by: Reverse Date, Date, Thread, Author

Re: Backgrounding part of 'ssh-agent $cmd'



Bart Schaefer wrote on Wed, Jan 16, 2013 at 09:35:14 -0800:
> On Jan 16,  8:59am, Daniel Shahaf wrote:
> } Subject: Backgrounding part of 'ssh-agent $cmd'
> }
> } More specifically, my workflow involves establishing several 'ssh -MNf'
> } connections every morning
> 
> Are you running this on an Xorg desktop?  Some Xorg distributions set
> up ssh-agent directly under the session manager so all applications
> on the desktop use the same agent.  Unless you specifically need to
> run a separate agent for this, you might check whether one is already
> available.

Yes, and yes my distribution sets up a session-global ssh-agent
instance.  Using a separate agent was a means to an end: not having the
ssh keys decrypted in memory whilst the laptop is hibernating.

> I source a file from my .zlogin that looks like this
> (details elided):
> 
>   (( SSH_AGENT_PID )) || return 0
>   [[ $(ssh-add -L) = *"no identities"* ]] || return 0
>   ssh-add ...
> 
> The ssh-add command in this setup is clever enough to invoke zenity or
> gdialog or the equivalent to pop up a window for the password.  Have
> you tried something like
> 
>     ssh-add ~/.ssh/foo.id_rsa </dev/null >>& .ssh-add-errors
> 
> to see if it finds some other way to prompt you?  If that works, then
> you can just background the entire foo_ssh_preseed call, whether or
> not you already have an ssh-agent for the desktop session.

Yes, 'ssh-add ~/.ssh/foo.id_rsa </dev/null' does prompt
me with a GUI window.

> 

So, combining your and Christian's inputs, it appears I have two options:

- Add the key to the global agent at login (or after hibernte), and
  install a suspend- or screensaver- hook that clears the agent.

- Retain my current code, with the following modification:
  * 'ssh-add foo.id_rsa' -> 'ssh-add foo.id_rsa </dev/null'
  * 'foo_ssh_preseed' -> 'foo_ssh_preseed &'

I've tried the second approach and it appears to work as intended: I get
prompted for my SSH password (graphically), then foo_ssh_preseed runs in
the background (dumping stderr to foreground) and foo_main proceeds in
the foreground.

Which is what I was after; thank you.

Thanks also to Christian for the pointers to the suspend- and
screensaver- hooks --- I haven't tried them yet, but they represent
a viable alternative.

Cheers

Daniel



Messages sorted by: Reverse Date, Date, Thread, Author