Rich,
If you are using gnome, part of its startup includes creating an 
ssh-agent for you, and the first time you try to ssh elsewhere it 
prompts you to unlock the agent.

There is a program out there called keychain (search for 'linux keychain 
ssh-agent') which works well in non-gnome environments. A quick search 
found a gentoo article
https://wiki.gentoo.org/wiki/Keychain
that appears to walk through the setup using keychain. If you do a lot of 
access to different systems, keychain will delegate authentication 
requests back to your initial login system, prevent duplication, etc. It 
has lots of controls you can configure and configuration ends up being 
done by adding a few lines to your .bashrc or .zshrc file. You end up 
typing a password on first login, and all the ssh logins then just 
forward the agent requests back to that system.

The above two schemes make the agent's lifetime tied to your login on 
the first machine. When you log out all the agents are gone. It's 
possible to launch an agent that stays around in the background, that 
would then be active as long as the machine doesn't reboot. That's not 
as secure. But even there, the agent needs to be launched by you, not 
root, so normally that would mean launching it the first time you log in 
(from your .bashrc).

steve

Russell Senior wrote:
>>>>>> "Rich" == Rich Shepard <rshep...@appl-ecosys.com> writes:
> Rich> On Sun, 30 Oct 2016, Robert Citek wrote:
>>> Good luck and let us know what works for you.
> Rich>    Still seeking this goal. :-)
>
> Rich>    After modifying ~/.bash_profile to invoke ssh-agent I sourced
> Rich> the file, then tried ssh-add which did not work:
>
> Rich> $ ssh-add Enter passphrase for /home/rshepard/.ssh/id_ed25519:
> Rich> Could not add identity "/home/rshepard/.ssh/id_ed25519": agent
> Rich> refused operation
>
> Rich>    Searching for this error (without the string in quotes) using
> Rich> duckduckgo produced many hits on running ssh-add, but none
> Rich> explicitly explaining the cause of this error message. The man
> Rich> page does not offer an option of specifying which identity to use
> Rich> (I have only the one).
>
> Rich>    Google finds many hits (primarily Ubuntu users) about missing
> Rich> identities when running ssh-add, but none (on the first page of
> Rich> hits) about ssh-add refusing to add an existing identity.
>
> Rich>    Would be nice to learn why.
>
> My wild guess would be you typed the wrong passphrase.
>
>

_______________________________________________
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug
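
An added example, not part of the thread: a sketch of the background-agent approach from the last paragraph of steve's reply, with a key lifetime set to limit how long unlocked keys stay in the agent. The function names, the `AGENT_ENV` path and the 8h lifetime are assumptions; source the file from `.bashrc` and call `ensure_agent`.

```shell
# Added example; AGENT_ENV, AGENT_LIFETIME and both function names are assumptions.
AGENT_ENV="${AGENT_ENV:-$HOME/.ssh/agent.env}"
AGENT_LIFETIME="${AGENT_LIFETIME:-8h}"   # keys added to the agent expire after this

# Succeeds only if the saved environment file points at an agent that answers.
# Runs in a subshell so probing never changes the caller's SSH_AUTH_SOCK
# (for example one set by agent forwarding or by the desktop session).
agent_alive() (
    [ -r "$AGENT_ENV" ] || exit 1
    . "$AGENT_ENV" >/dev/null
    [ -S "${SSH_AUTH_SOCK:-}" ] || exit 1      # stale file: socket is gone
    rc=0
    ssh-add -l >/dev/null 2>&1 || rc=$?
    # ssh-add -l: 0 = keys loaded, 1 = agent up but empty, 2 = no agent reachable
    [ "$rc" -eq 0 ] || [ "$rc" -eq 1 ]
)

# Reuse the running agent if there is one, otherwise start a new one as the
# current user and record its environment in a file only that user can read.
ensure_agent() {
    if ! agent_alive; then
        ( umask 077; ssh-agent -s -t "$AGENT_LIFETIME" > "$AGENT_ENV" ) || return 1
    fi
    . "$AGENT_ENV" >/dev/null
}
```

After `ensure_agent`, run `ssh-add` once; later shells on the same machine pick up the same agent until it exits or the machine reboots.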
