Help - Search - Members - Calendar
Full Version: Ssh-agent
OESF Forums > General Forums > General Support and Discussion > Security and Networking
aki
It would be nice to have ssh-agent/ssh-add function like it does in X11, have it start up when Qtopia starts and prompt you for a passphrase so that you can ssh at will from the console.

I set it up on ~/.profile, but then it starts a copy every time you open a terminal window.

Is it possible to fire it up when Qtopia starts up?
Stubear
Sounds like you need something like keychain

It adds you keys the first time it starts and reuses ssh-agent if it's already running (more info here http://www-106.ibm.com/developerworks/library/l-keyc2/)

Otherwise just write a script that check if ssh-agent has alreay been run and if so don't run it again

Stu
aki
QUOTE(Stubear @ Feb 19 2005, 02:23 AM)
Otherwise just write a script that check if ssh-agent has alreay been run and if so don't run it again

Stu
*

That won't work either. Per its man page, ssh-agent needs to be run at the beginning of a login session so that all programs are started as clients of the (one) ssh-agent program.

Ideally, then, it needs to be run just before Qtopia starts, ala X11 land (via the .Xsessions file).

opie-sh-ssh-askpass would provide a dialog window to allow the entry of passphrases and can be run from an icon.

But how do you run ssh-agent just before the Qtopia environment starts?
stupkid
QUOTE
But how do you run ssh-agent just before the Qtopia environment starts?


Edit the /opt/QtPalmtop/qpe.sh
Stubear
QUOTE(aki @ Feb 21 2005, 09:01 AM)
QUOTE(Stubear @ Feb 19 2005, 02:23 AM)
Otherwise just write a script that check if ssh-agent has alreay been run and if so don't run it again

Stu
*

That won't work either. Per its man page, ssh-agent needs to be run at the beginning of a login session so that all programs are started as clients of the (one) ssh-agent program.
*



Try keychain then.

I've been using it on my desktop system since 2000, I only have to give my passwords once per boot, I can log out and log back in or even start another session and the still ssh without giving my password again. It also does gpg-agent but I don't sign alot of stuff so I haven't bothered setting it up.

I used to run keychain on my Z but lost it in a reflash and never got around to putting it back on as I generally only ssh onto the Z not from it.

Stu
andrewmaier
QUOTE(Stubear @ Feb 21 2005, 09:51 AM)
Try keychain then.

I've been using it on my desktop system since 2000, I only have to give my passwords once per boot, I can log out and log back in or even start another session and the still ssh without giving my password again. It also does gpg-agent but I don't sign alot of stuff so I haven't bothered setting it up.

I used to run keychain on my Z but lost it in a reflash and never got around to putting it back on as I generally only ssh onto the Z not from it.

Stu
*


I just downloaded and packaged it as an ipk and can be downloaded from
http://cern.ch/andrew/zaurus. I have not done much testing though.

Looks ok to me, let me know if there is something seriously wrong.

Enjoy,

Andrew
aki
QUOTE(stupkid @ Feb 21 2005, 01:49 AM)
Edit the /opt/QtPalmtop/qpe.sh
*


QUOTE(andrewmaier @ Feb 21 2005, 04:35 PM)
QUOTE(Stubear @ Feb 21 2005, 09:51 AM)


Try keychain then.

I've been using it on my desktop system since 2000, I only have to give my passwords once per boot, I can log out and log back in or even start another session and the still ssh without giving my password again. It also does gpg-agent but I don't sign alot of stuff so I haven't bothered setting it up.

I used to run keychain on my Z but lost it in a reflash and never got around to putting it back on as I generally only ssh onto the Z not from it.

Stu
*


I just downloaded and packaged it as an ipk and can be downloaded from
http://cern.ch/andrew/zaurus. I have not done much testing though.

Looks ok to me, let me know if there is something seriously wrong.

Enjoy,

Andrew
*



Thanks for the help guys!
Starting ssh-agent from qpe.sh may work.
And I will try keychain too, and report the results.
aki
After much experimentation, I can finally report success reproducing the functionality of keychain on Linux! ie, enter a passphrase once and it is fetched automatically.

Here's how it works:
1. Click on the Keychain icon
2. A opie-sh message box opens for you to type in a passphrase
3. If the passphrase is correct, the output of keychain is displayed and then embeddedkonsoles is opened. You can then open multiple terminal windows and ssh & scp at wil. The ssh-agent is killed when embeddedkonsole is closed.
4. Nothing happens if the passphrase entered is incorrect.

Here is the ipk
You also need:
openssh-client
opie-sh
opie-sh-ssh-askpass
opie-embeddedkonsole

All these should be available on ZSI2 or you can get it on my feed

Please reply if you have any problems.
It should be plug & play if you have all packages installed properly.
aki
Oooops, forgot to include keychain.png on the ipk.
Here is an updated ipk.
Also posted it on ELSI.
aki
Just got a new version out. Includes functionality to configure and start encrypted tunnels for SMTP, POP3, HTTP and VNC traffic. Check-out this thread
You can download the new version here
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2014 Invision Power Services, Inc.