[CentOS] ssh-agent fails to hold values
Nico Kadel-Garcia
nkadel at gmail.com
Tue Nov 30 12:58:34 UTC 2010
On Tue, Nov 30, 2010 at 5:19 AM, John Doe <jdmls at yahoo.com> wrote:
> From: Nico Kadel-Garcia <nkadel at gmail.com>
>
>> On Mon, Nov 29, 2010 at 6:41 AM, John Doe <jdmls at yahoo.com> wrote:
>> > From: bluethundr <bluethundr at gmail.com>
>> >> I am attempting to manage my key logins with ssh-agent. However EVERY
>> >> time I try to ssh I have to go through the same exact routine and it's
>> >> getting a little old...
>> >> Does anyone have any suggestions to make ssh-agent hold these values a
>> >> bit more persistently?
>> > I have this in my .bash_profile:
>> > AGENTRUNNING=`ps x | grep agent | grep -v grep`
>> > if [ -z "$AGENTRUNNING" ]; then
>> > /usr/bin/ssh-agent -s > $HOME/.ssh/agent-env.sh
>> > fi
>> > . $HOME/.ssh/agent-env.sh > /dev/null
>> > Then, I ssh-add once and that's it.
>> And if you log in on another machine with that same home directory on
>> NFS, you'll load information for the wrong host's ssh-agent keys.
>> Install and use "keychain". It's leaps and bounds more reliable than this.
>
> No NFS home directories... so no problems.
> What reliability problems are you referring to?
> So far, it just worked fine...
The NFS home directory is the big one. Another is that, if
something sets "AGENTRUNNING" in another script and you inherit it,
it's not reset. And since it's in a .bashrc, once it's set, you'll
inherit for other scripts: if it dies, you won't get a new one due to
the inherited AGENTRUNNING. And what if the user has "agent" in their
login name?
If it works in your small environment, fine, but I wouldn't publish it
for general use without more thought. The "keychain" perl script is
actually pretty good.
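
An added example, not part of the original thread and not the keychain script: one way a profile snippet can avoid the failure modes raised above, by keeping a per-host env file and asking the agent itself (via the exit status of `ssh-add -l`) whether it is alive. The function names and the env file name are assumptions made for this illustration.

```shell
# Added example; function and file names are assumptions, not from the thread.

# One env file per host, so an NFS-shared $HOME never hands this host
# the socket path of an agent running somewhere else.
agent_env_file() {
    printf '%s/.ssh/agent-env.%s.sh\n' "$HOME" "$(uname -n)"
}

# Ask the agent itself rather than grepping ps or trusting an inherited flag.
# ssh-add -l exits 0 (keys listed) or 1 (agent up, no keys) when the agent
# answers, and 2 when it cannot be contacted.
agent_usable() {
    [ -n "${SSH_AUTH_SOCK:-}" ] || return 1
    rc=0
    ssh-add -l >/dev/null 2>&1 || rc=$?
    [ "$rc" -le 1 ]
}

ensure_agent() {
    agent_usable && return 0            # inherited agent still answers
    envfile=$(agent_env_file)
    if [ -r "$envfile" ]; then          # agent from an earlier login here?
        . "$envfile" >/dev/null
        agent_usable && return 0
    fi
    # Nothing usable: start a fresh agent; keep the env file owner-only.
    ( umask 077
      mkdir -p "$HOME/.ssh" &&
      ssh-agent -s > "$envfile" ) || return 1
    . "$envfile" >/dev/null
    agent_usable
}
```

Calling `ensure_agent` at the end of `~/.bash_profile` reuses a live agent when one exists and replaces a dead one; `ssh-add` is still run once by hand.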