Author Topic: Ssh-agent  (Read 5771 times)

aki

  • Jr. Member
  • **
  • Posts: 73
    • View Profile
    • http://www.akiaki.org
Ssh-agent
« on: February 18, 2005, 04:28:28 pm »
It would be nice to have ssh-agent/ssh-add  function like it does in X11, have it start up when Qtopia starts and prompt you for a passphrase so that you can ssh at will from the console.  

I set it up on ~/.profile, but then it starts a copy every time you open a terminal window.

Is it possible to fire it up when Qtopia starts up?

sl-5500 Sharp 2.38 ROM + sl-6000L w/ expansion adapter
Trendnet CF Ethernet + Micro Innovations IR Keyboard
------
sip: 544187@fwd.pulver.com

My Zaurus Page

Stubear

  • Hero Member
  • *****
  • Posts: 1164
    • View Profile
    • http://
Ssh-agent
« Reply #1 on: February 18, 2005, 09:23:19 pm »
Sounds like you need something like keychain

It adds you keys the first time it starts and reuses ssh-agent if it's already running (more info here http://www-106.ibm.com/developerworks/library/l-keyc2/)

Otherwise just write a script that check if ssh-agent has alreay been run and if so don't run it again

Stu
SL-C1000, Hand converted to English with Japanese Input
Running X apps via X/Qt
iRiver USB host cable; Diatec P-Cord usb power cable (extendable); Acro's Reel Cable USB (A to A, B, Mini-B,  & Mini-B 8pin); GreenHouse 1Gb PicoDrive+; 2x256Mb Hagiwara SD cards; 128Mb Transcend CF card; 512Mb PQI CF card; AmbiCom WL1100C-CF 11B WLAN card

aki

  • Jr. Member
  • **
  • Posts: 73
    • View Profile
    • http://www.akiaki.org
Ssh-agent
« Reply #2 on: February 20, 2005, 07:01:39 pm »
Quote
Otherwise just write a script that check if ssh-agent has alreay been run and if so don't run it again

Stu
[div align=\"right\"][a href=\"index.php?act=findpost&pid=67810\"][{POST_SNAPBACK}][/a][/div]
That won't work either.  Per its man page, ssh-agent needs to be run at the beginning of a login session so that all programs are started as clients of the (one) ssh-agent program.

Ideally, then, it needs to be run just before Qtopia starts, ala X11 land (via the .Xsessions file).

opie-sh-ssh-askpass would provide a dialog window to allow the entry of passphrases and can be run from an icon.

But how do you run ssh-agent just before the Qtopia environment starts?

sl-5500 Sharp 2.38 ROM + sl-6000L w/ expansion adapter
Trendnet CF Ethernet + Micro Innovations IR Keyboard
------
sip: 544187@fwd.pulver.com

My Zaurus Page

stupkid

  • Hero Member
  • *****
  • Posts: 578
    • View Profile
    • http://
Ssh-agent
« Reply #3 on: February 20, 2005, 08:49:15 pm »
Quote
But how do you run ssh-agent just before the Qtopia environment starts?

Edit the /opt/QtPalmtop/qpe.sh

Zaurus SL-C3200 pdaXii13v2 5.5 / Ambicom WC1100C-CF / Socket Bluetooth Rev G


OpenMoko FreeRunner - Running Tweaked OM2008.x Image

Stubear

  • Hero Member
  • *****
  • Posts: 1164
    • View Profile
    • http://
Ssh-agent
« Reply #4 on: February 21, 2005, 03:51:45 am »
Quote
Quote
Otherwise just write a script that check if ssh-agent has alreay been run and if so don't run it again

Stu
[div align=\"right\"][a href=\"index.php?act=findpost&pid=67810\"][{POST_SNAPBACK}][/a][/div]
That won't work either.  Per its man page, ssh-agent needs to be run at the beginning of a login session so that all programs are started as clients of the (one) ssh-agent program.
[div align=\"right\"][a href=\"index.php?act=findpost&pid=67981\"][{POST_SNAPBACK}][/a][/div]

Try keychain then.

I've been using it on my desktop system since 2000, I only have to give my passwords once per boot, I can log out and log back in or even start another session and the still ssh without giving my password again. It also does gpg-agent but I don't sign alot of stuff so I haven't bothered setting it up.

I used to run keychain on my Z but lost it in a reflash and never got around to putting it back on as I generally only ssh onto the Z not from it.

Stu
« Last Edit: February 21, 2005, 03:53:18 am by Stubear »
SL-C1000, Hand converted to English with Japanese Input
Running X apps via X/Qt
iRiver USB host cable; Diatec P-Cord usb power cable (extendable); Acro's Reel Cable USB (A to A, B, Mini-B,  & Mini-B 8pin); GreenHouse 1Gb PicoDrive+; 2x256Mb Hagiwara SD cards; 128Mb Transcend CF card; 512Mb PQI CF card; AmbiCom WL1100C-CF 11B WLAN card

andrewmaier

  • Newbie
  • *
  • Posts: 26
    • View Profile
    • http://www.andrew.maier.name
Ssh-agent
« Reply #5 on: February 21, 2005, 11:35:37 am »
Quote
Try keychain then.

I've been using it on my desktop system since 2000, I only have to give my passwords once per boot, I can log out and log back in or even start another session and the still ssh without giving my password again. It also does gpg-agent but I don't sign alot of stuff so I haven't bothered setting it up.

I used to run keychain on my Z but lost it in a reflash and never got around to putting it back on as I generally only ssh onto the Z not from it.

Stu
[div align=\"right\"][{POST_SNAPBACK}][/a][/div]

I just downloaded and packaged it as an ipk  and can be downloaded from
[a href=\"http://cern.ch/andrew/zaurus]http://cern.ch/andrew/zaurus[/url]. I have not done much testing though.

Looks ok to me, let me know if there is something seriously wrong.

Enjoy,

Andrew

aki

  • Jr. Member
  • **
  • Posts: 73
    • View Profile
    • http://www.akiaki.org
Ssh-agent
« Reply #6 on: February 21, 2005, 09:24:34 pm »
Quote
Edit the /opt/QtPalmtop/qpe.sh
[div align=\"right\"][{POST_SNAPBACK}][/a][/div]

Quote
Quote

Try keychain then.

I've been using it on my desktop system since 2000, I only have to give my passwords once per boot, I can log out and log back in or even start another session and the still ssh without giving my password again. It also does gpg-agent but I don't sign alot of stuff so I haven't bothered setting it up.

I used to run keychain on my Z but lost it in a reflash and never got around to putting it back on as I generally only ssh onto the Z not from it.

Stu
[div align=\"right\"][a href=\"index.php?act=findpost&pid=68030\"][{POST_SNAPBACK}][/a][/div]

I just downloaded and packaged it as an ipk  and can be downloaded from
[a href=\"http://cern.ch/andrew/zaurus]http://cern.ch/andrew/zaurus[/url]. I have not done much testing though.

Looks ok to me, let me know if there is something seriously wrong.

Enjoy,

Andrew
[div align=\"right\"][a href=\"index.php?act=findpost&pid=68071\"][{POST_SNAPBACK}][/a][/div]

Thanks for the help guys!
Starting ssh-agent from qpe.sh may work.
And I will try keychain too, and report the results.

sl-5500 Sharp 2.38 ROM + sl-6000L w/ expansion adapter
Trendnet CF Ethernet + Micro Innovations IR Keyboard
------
sip: 544187@fwd.pulver.com

My Zaurus Page

aki

  • Jr. Member
  • **
  • Posts: 73
    • View Profile
    • http://www.akiaki.org
Ssh-agent
« Reply #7 on: March 10, 2005, 08:47:23 pm »
After much experimentation, I can finally report success reproducing the functionality of keychain on Linux! ie, enter a passphrase once and it is fetched automatically.

Here's how it works:
1. Click on the Keychain icon
2. A opie-sh message box opens for you to type in a passphrase
3. If the passphrase is correct, the output of keychain is displayed and then embeddedkonsoles is opened.  You can then open multiple terminal windows and ssh & scp at wil.  The ssh-agent is killed when embeddedkonsole is closed.
4. Nothing happens if the passphrase entered is incorrect.

Here is the ipk
You also need:
openssh-client
opie-sh
opie-sh-ssh-askpass
opie-embeddedkonsole

All these should be available on ZSI2 or you can get it on my feed

Please reply if you have any problems.  
It should be plug & play if you have all packages installed properly.

sl-5500 Sharp 2.38 ROM + sl-6000L w/ expansion adapter
Trendnet CF Ethernet + Micro Innovations IR Keyboard
------
sip: 544187@fwd.pulver.com

My Zaurus Page

aki

  • Jr. Member
  • **
  • Posts: 73
    • View Profile
    • http://www.akiaki.org
Ssh-agent
« Reply #8 on: March 10, 2005, 10:35:18 pm »
Oooops, forgot to include keychain.png on the ipk.
Here is an updated ipk.
Also posted it on ELSI.

sl-5500 Sharp 2.38 ROM + sl-6000L w/ expansion adapter
Trendnet CF Ethernet + Micro Innovations IR Keyboard
------
sip: 544187@fwd.pulver.com

My Zaurus Page

aki

  • Jr. Member
  • **
  • Posts: 73
    • View Profile
    • http://www.akiaki.org
Ssh-agent
« Reply #9 on: March 26, 2005, 01:05:35 pm »
Just got a new version out.  Includes functionality to configure and start encrypted tunnels for SMTP, POP3, HTTP and VNC traffic.  Check-out this thread
You can download the new version here

sl-5500 Sharp 2.38 ROM + sl-6000L w/ expansion adapter
Trendnet CF Ethernet + Micro Innovations IR Keyboard
------
sip: 544187@fwd.pulver.com

My Zaurus Page