[CentOS] ssh-agent

Tue Apr 6 16:52:10 UTC 2010
Todd Denniston <Todd.Denniston at tsb.cranrdte.navy.mil>

m.roth at 5-cent.us wrote, On 04/06/2010 11:46 AM:
> Todd wrote:
>> m.roth at 5-cent.us wrote, On 04/06/2010 10:51 AM:
>>> What I was doing: log onto my machine (system run level 5, I log out,
>>> NOT just lock the screen, every single night; therefore, there should be
>>> no processes running owned by me), and in a terminal window, do
>>>    ssh-agent
>>>    ssh-add .ssh/private key
>>> and enter my passphrase. Then I'd go through the day merrily on my way.
>>>
>>> Now, I find that when I log out, ssh-agent IS NOT STOPPED, even though I
>>> am logged all the way out. When I log out, unless I background
>>> something, everything running as me should go away. Everything.
> <snip>
>> question:
>> if you don't start ssh-agent in your terminal do you see something like
>> the following with ps?
>>
>> ~$ ps aux |grep agent
>> uname 12345  0.0  0.1   8916  3608 ?        Ss   09:12   0:00
>> /usr/bin/ssh-agent /bin/sh -c exec -l
>> /bin/bash -c "/usr/bin/dbus-launch --exit-with-session
>> /etc/X11/xinit/Xclients"
> 
> Yep -
> ps -fu <mylogin> | grep ssh
> <mylogin>   13313     1  0 Apr02 ?        00:00:00 ssh-agent
> <mylogin>   18049 18019  0 09:09 ?        00:00:00 /usr/bin/ssh-agent
> /bin/sh -c exec -l /bin/bash -c "/usr/bin/dbus-launch --exit-with-session
> /etc/X11/xinit/Xclients"
> <snip>
> 9:09 or so was when I used ssh-add. Note that ssh-agent has been running
> since the second, and I logged out Friday and yesterday.
> 
>        mark
> 

Suggestion to make everything even clearer.

1) either `killall -9 ssh-agent` or reboot.
2) logout (if not rebooted, so that _gdm_ restarts X)
3) login
4) Do *_NOT_* start ssh-agent in a terminal.
5) in a terminal execute `ps aux |grep agent`
6) record report 1
7) logout
8) login
9) Do *_NOT_* start ssh-agent in a terminal.
10) in a terminal execute `ps aux |grep agent`
11) record report 2
12) we should see ssh-agent is running in both cases, if your CentOS box is set up the way I think it is.
i.e. understand /etc/X11/xinit/xinitrc-common kicks it off for you.
13) we should see a delta in the agent PID from report 1 to report 2.
14) we should see only one agent in both reports.



-- 
Todd Denniston
Crane Division, Naval Surface Warfare Center (NSWC Crane)
Harnessing the Power of Technology for the Warfighter
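
The comparison in steps 12 to 14 can be scripted. The following is an added example, not part of the original message: the function names, the sample reports and their PIDs are constructed for illustration, and the reports are assumed to be `ps aux |grep agent` output saved at steps 6 and 11.

```shell
#!/bin/sh
# Constructed sample reports (not from the thread), in `ps aux` column layout.
REPORT1='uname  2301  0.0  0.1  8916  3608 ?      Ss  09:12  0:00 /usr/bin/ssh-agent /bin/sh -c exec -l /bin/bash -c "/usr/bin/dbus-launch --exit-with-session /etc/X11/xinit/Xclients"
uname  2410  0.0  0.0  4020   700 pts/0  S+  09:13  0:00 grep agent'
REPORT2='uname  3188  0.0  0.1  8916  3604 ?      Ss  09:20  0:00 /usr/bin/ssh-agent /bin/sh -c exec -l /bin/bash -c "/usr/bin/dbus-launch --exit-with-session /etc/X11/xinit/Xclients"
uname  3290  0.0  0.0  4020   704 pts/0  S+  09:21  0:00 grep agent'
# Constructed failure case: a hand-started agent left over from an earlier login.
REPORT_STALE='uname  1331  0.0  0.0  7500   900 ?      Ss  Apr02  0:00 ssh-agent
uname  3188  0.0  0.1  8916  3604 ?      Ss  09:20  0:00 /usr/bin/ssh-agent /bin/sh -c exec -l /bin/bash -c "/usr/bin/dbus-launch --exit-with-session /etc/X11/xinit/Xclients"'

# Read a `ps aux` report on stdin and print the PIDs of real ssh-agent
# processes, space separated. Field 11 is the executable, so the
# "grep agent" line that the pipeline itself adds is not counted.
agent_pids() {
    awk '{ n = split($11, path, "/") }
         path[n] == "ssh-agent" { printf "%s%s", sep, $2; sep = " " }'
}

# Compare the two reports against the expectations in steps 12-14.
# Returns 0 when both hold exactly one agent and the PID changed,
# 2 when a report has no agent, 3 when one has several, 4 when the
# same PID appears in both reports.
check_reports() {
    p1=$(printf '%s\n' "$1" | agent_pids)
    p2=$(printf '%s\n' "$2" | agent_pids)
    for p in "$p1" "$p2"; do
        case "$p" in
            "")    echo "no ssh-agent in a report"; return 2 ;;
            *" "*) echo "more than one ssh-agent in a report: $p"; return 3 ;;
        esac
    done
    if [ "$p1" = "$p2" ]; then
        echo "agent PID $p1 is the same in both reports"; return 4
    fi
    echo "ok: one agent per login, PID $p1 -> $p2"
}

check_reports "$REPORT1" "$REPORT2"
```

A return code of 3 or 4 means an agent holding loaded keys outlived the login session that started it.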