Ssh-agent, what's the proper way to start it? Options

[aki]

It would be nice to have ssh-agent/ssh-add function like it does in X11, have it start up when Qtopia starts and prompt you for a passphrase so that you can ssh at will from the console.

I set it up on ~/.profile, but then it starts a copy every time you open a terminal window.

Is it possible to fire it up when Qtopia starts up?

[Stubear]

Sounds like you need something like keychain

It adds you keys the first time it starts and reuses ssh-agent if it's already running (more info here http://www-106.ibm.com/developerworks/library/l-keyc2/)

Otherwise just write a script that check if ssh-agent has alreay been run and if so don't run it again

Stu

[aki]

Otherwise just write a script that check if ssh-agent has alreay been run and if so don't run it again

Stu

That won't work either. Per its man page, ssh-agent needs to be run at the beginning of a login session so that all programs are started as clients of the (one) ssh-agent program.

Ideally, then, it needs to be run just before Qtopia starts, ala X11 land (via the .Xsessions file).

opie-sh-ssh-askpass would provide a dialog window to allow the entry of passphrases and can be run from an icon.

But how do you run ssh-agent just before the Qtopia environment starts?

[stupkid]

But how do you run ssh-agent just before the Qtopia environment starts?

Edit the /opt/QtPalmtop/qpe.sh

[Stubear]

Otherwise just write a script that check if ssh-agent has alreay been run and if so don't run it again

Stu

That won't work either. Per its man page, ssh-agent needs to be run at the beginning of a login session so that all programs are started as clients of the (one) ssh-agent program.

Try keychain then.

I've been using it on my desktop system since 2000, I only have to give my passwords once per boot, I can log out and log back in or even start another session and the still ssh without giving my password again. It also does gpg-agent but I don't sign alot of stuff so I haven't bothered setting it up.

I used to run keychain on my Z but lost it in a reflash and never got around to putting it back on as I generally only ssh onto the Z not from it.

Stu

[andrewmaier]

Try keychain then.

I've been using it on my desktop system since 2000, I only have to give my passwords once per boot, I can log out and log back in or even start another session and the still ssh without giving my password again. It also does gpg-agent but I don't sign alot of stuff so I haven't bothered setting it up.

I used to run keychain on my Z but lost it in a reflash and never got around to putting it back on as I generally only ssh onto the Z not from it.

Stu

I just downloaded and packaged it as an ipk and can be downloaded from
http://cern.ch/andrew/zaurus. I have not done much testing though.

Looks ok to me, let me know if there is something seriously wrong.

Enjoy,

Andrew

[aki]

Edit the /opt/QtPalmtop/qpe.sh

Try keychain then.

I've been using it on my desktop system since 2000, I only have to give my passwords once per boot, I can log out and log back in or even start another session and the still ssh without giving my password again. It also does gpg-agent but I don't sign alot of stuff so I haven't bothered setting it up.

I used to run keychain on my Z but lost it in a reflash and never got around to putting it back on as I generally only ssh onto the Z not from it.

Stu

I just downloaded and packaged it as an ipk and can be downloaded from
http://cern.ch/andrew/zaurus. I have not done much testing though.

Looks ok to me, let me know if there is something seriously wrong.

Enjoy,

Andrew

Thanks for the help guys!
Starting ssh-agent from qpe.sh may work.
And I will try keychain too, and report the results.

[aki]

After much experimentation, I can finally report success reproducing the functionality of keychain on Linux! ie, enter a passphrase once and it is fetched automatically.

Here's how it works:
1. Click on the Keychain icon
2. A opie-sh message box opens for you to type in a passphrase
3. If the passphrase is correct, the output of keychain is displayed and then embeddedkonsoles is opened. You can then open multiple terminal windows and ssh & scp at wil. The ssh-agent is killed when embeddedkonsole is closed.
4. Nothing happens if the passphrase entered is incorrect.

Here is the ipk
You also need:
openssh-client
opie-sh
opie-sh-ssh-askpass
opie-embeddedkonsole

All these should be available on ZSI2 or you can get it on my feed

Please reply if you have any problems.
It should be plug & play if you have all packages installed properly.

[aki]

Oooops, forgot to include keychain.png on the ipk.
Here is an updated ipk.
Also posted it on ELSI.

[aki]

Just got a new version out. Includes functionality to configure and start encrypted tunnels for SMTP, POP3, HTTP and VNC traffic. Check-out this thread
You can download the new version here