Zsh Mailing List Archive
Messages sorted by: Reverse Date, Date, Thread, Author

Re: Backgrounding part of 'ssh-agent $cmd'

I'm glad my suggestion answered your question, but I don't think that I
have solved your actual problem.  Wandering a bit afield of zsh here ...

On Jan 18,  8:18am, Daniel Shahaf wrote:
} Yes, and yes my distribution sets up a session-global ssh-agent
} instance.  Using a separate agent was a means to an end: not having the
} ssh keys decrypted in memory whilst the laptop is hibernating.

I'm not sure you've actually accomplished that.  From what you've
described, you're counting on the set of ssh created in foo_ssh_preseed
to exit because the network connections time out while the laptop sleeps?

That means "ssh-add -D" doesn't run until the laptop *wakes up again*
and the "wait" in foo_ssh_preseed returns.  The agent's memory state
is dumped in the hibernate data with the keys still loaded.  Boot from
removable media and that data could be mined.  Am I missing something?

You would need Christian's suspend-hook idea to get "ssh-add -D" to
run before the laptop hibernates.  In which case you might as well
use the session-global agent ...

Messages sorted by: Reverse Date, Date, Thread, Author