[CentOS] Moving from Fedora -- Advice??

Gordon Messmer yinyang at eburg.com
Thu Dec 23 07:20:17 UTC 2010


On 12/22/2010 11:39 AM, m.roth at 5-cent.us wrote:
> Right, which AFAIK, doesn't work with the new US federal PIV-II cards.
> Certainly, I can't add the card when it's inserted in the reader with just
> that.

OK.  Well, that's more or less what I meant when I asked if there was 
something non-standard.  It looks to me like the older systems should 
have worked properly, before GNOME got its keyring manager involved. 
So, I'd recommend that you do two things.  First, edit 
/usr/share/xsessions/gnome.desktop or create a new session file of your 
own.  Change the "Exec" line to:
Exec=ssh-agent gnome-session

That'll launch your gnome-session as a child of ssh-agent.  When you log 
out, ssh-agent will exit.  You'll also need to (in your session) go to 
System -> Preferences -> Startup Applications.  Locate "SSH Key Agent". 
  Remove the checkbox.  Log out and log back in.  At that point, double 
check that the ssh key agent is still deselected in startup 
applications, and then make sure that a terminal still has the 
SSH_AUTH_SOCK variable.  If those two things are true, then you should 
be using the OpenSSH agent.  (Also, the socket path shouldn't say 
"keyring").  Once you're using the OpenSSH agent, you should be able to 
use ssh-add to set up your opensc device.



More information about the CentOS mailing list