[CentOS] Moving from Fedora -- Advice??

Gordon Messmer yinyang at eburg.com
Wed Dec 22 18:37:50 UTC 2010


On 12/21/2010 10:49 AM, m.roth at 5-cent.us wrote:
> Gordon Messmer wrote:
>> On 12/17/2010 12:32 PM, m.roth at 5-cent.us wrote:
>>>
>>> Not with PIV-II cards....
>>
>> Why?  Do they use a non-standard SSH agent?
>
> pkcs11. opensc. NOT COOLKEY.

I'm not really sure what that has to do with anything.  You said that 
you're having trouble getting ssh-agent to close on logout.  I replied 
that you're probably trying too hard.  Fedora's desktops automatically 
have an ssh-agent available when you log in via gdm.  In the past, it 
was OpenSSH's ssh-agent.  In more recent versions, gnome has its own 
authentication agent, which is used.

So I'll repeat myself: if you are seeing ssh-agent continue after you 
log out, you're probably trying too hard.  Setting the agent up and 
tearing it down on logout are done for you right out of the box, and 
have been for years.  Log in to a new user account on a fresh install 
sometime.  Open a terminal and type "set | grep SSH_AUTH_SOCK".  See 
that environment variable?  The agent is running.



More information about the CentOS mailing list