I don't quite understand something. When I do "ssh-add2", it'll ask me for the
passphrase. I don't mind this since it's supposed to ask me just once. The
problem I have is that ssh2 will still ask me for my passphrase upon the next
time I want to login to the machine.
Noel
[EMAIL PROTECTED] on 05/24/2000 03:47:26 AM
To: [EMAIL PROTECTED], [EMAIL PROTECTED]
cc:
Subject: RE: ssh with no passphrase?
Hi Noel,
I'm using a shell-script, call it "sshsetup", which I source in my .profile at
login time or in scripts startet by cron.
[ -f $HOME/bin/sshsetup ] && . $HOME/bin/sshsetup
Because the passphrases for the SSH-keys are readable in this schript, You
should read/write protect it with "chmod 600 $HOME/bin/sshsetup".
I know that root-users are still able to read the passphrases in the script, but
i think it's more secure then using SSH-keys without any pasphrases.
/Stefan
sshsetup:
=========
#!/usr/bin/ksh
SSH1_ENV=$HOME/.ssh/ssh1environment
SSH2_ENV=$HOME/.ssh2/ssh2environment
function start_ssh1agent {
echo "Initialisierung des SSH1-Agenten ..."
/usr/local/ssh1/bin/ssh-agent1 >$SSH1_ENV
chmod 600 $SSH1_ENV
. $SSH1_ENV
echo PASSPHRASE | /usr/local/ssh1/bin/ssh-add1 -p 1>/dev/null 2>&1
}
function start_ssh2agent {
echo "Initialisierung des SSH2-Agenten ..."
/usr/local/ssh2/bin/ssh-agent2 >$SSH2_ENV
chmod 600 $SSH2_ENV
. $SSH2_ENV
echo PASSPHRASE | /usr/local/ssh2/bin/ssh-add2 -p 1>/dev/null 2>&1
}
if [ -f $SSH1_ENV ]; then
. $SSH1_ENV 1>/dev/null 2>&1
test -r $SSH_AUTH_SOCK || kill -9 $SSH_AGENT_PID 1>/dev/null 2>&1
ps -p $SSH_AGENT_PID >/dev/null 2>&1 || start_ssh1agent
else
start_ssh1agent
fi
if [ -f $SSH2_ENV ]; then
. $SSH2_ENV 1>/dev/null 2>&1
test -r $SSH2_AUTH_SOCK || kill -9 $SSH2_AGENT_PID 1>/dev/null 2>&1
ps -p $SSH2_AGENT_PID >/dev/null 2>&1 || start_ssh2agent
else
start_ssh2agent
fi
> -----Original Message-----
> From: Noel L Yap [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, May 23, 2000 4:43 PM
> To: [EMAIL PROTECTED]
> Subject: ssh with no passphrase?
>
>
> I've been able to get ssh not to ask for a passphrase (via
> ssh-agent and
> ssh-add) when the keys are generated with no passphrase. How
> can I get the same
> behaviour when the keys are generated with a passphrase?
>
> Thanks,
> Noel
>
>
>
> This communication is for informational purposes only. It is
> not intended as
> an offer or solicitation for the purchase or sale of any
> financial instrument
> or as an official confirmation of any transaction. All market
> prices, data
> and other information are not warranted as to completeness or
> accuracy and
> are subject to change without notice. Any comments or
> statements made herein
> do not necessarily reflect those of J.P. Morgan & Co.
> Incorporated, its
> subsidiaries and affiliates.
>
This communication is for informational purposes only. It is not intended as
an offer or solicitation for the purchase or sale of any financial instrument
or as an official confirmation of any transaction. All market prices, data
and other information are not warranted as to completeness or accuracy and
are subject to change without notice. Any comments or statements made herein
do not necessarily reflect those of J.P. Morgan & Co. Incorporated, its
subsidiaries and affiliates.
