On 2012-02-06 12:53:03 -0700, Paul E Condon wrote: > On 20120206_121205, Vincent Lefevre wrote: > > On 2012-02-06 11:39:47 +0100, Erwan David wrote: > > > On Mon, Feb 06, 2012 at 11:33:25AM CET, Vincent Lefevre > > > <vinc...@vinc17.net> said: > > > > On 2012-02-04 09:35:44 +0100, Sven Joachim wrote: > > > > > Nope, this is the script that starts the ssh *server*. The agent is > > > > > started in /etc/X11/Xsession.d/90x11-common_ssh-agent, sourced from > > > > > /etc/X11/Xsession (see Xsession(5). > > > > > > > > But it shouldn't. It should be the user who decides whether he wants > > > > to start ssh-agent (since it is a user process), not the admin. > > > > > > Not necessarily : the user uses it or not through ssh-add. > > > > Yes, but ssh-agent is still started even if the user doesn't want it. > > On my machine, it was interfering with my own system to automatically > > start ssh-agent when needed (until I changed my config to kill this > > ssh-agent). > > What config did you put you kill commands in? And what were those > commands? I'm trying to understand how this thing works.
In my .xsession file, I have: if [ -n "$SSH_AUTH_SOCK" ]; then echo "\$SSH_AUTH_SOCK is '$SSH_AUTH_SOCK'" >&2 case "$SSH_AUTH_SOCK" in /tmp/ssh-agent-*) echo "--> _call_sshagent already started." >&2 ;; ?*) echo "--> ssh-agent started but useless; should be killed." >&2 eval `ssh-agent -k` >&2 ;; esac fi If SSH_AUTH_SOCK is not set (which is the case when I use a display manager such as gdm), the .xsession executes a zsh script that does the following: 1. Register an SSH agent, setting SSH_AUTH_SOCK from a running agent or starting one. 2. Start the window manager. 3. [When logging out from the X session] Deregister the SSH agent. This way I have a unique SSH agent for all my sessions (X, SSH, screen), which is killed when the last session quits. -- Vincent Lefèvre <vinc...@vinc17.net> - Web: <http://www.vinc17.net/> 100% accessible validated (X)HTML - Blog: <http://www.vinc17.net/blog/> Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon) -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120207163635.gb7...@xvii.vinc17.org