This is a discussion on Re: Agent Forwarding Question for the list - openssh
On Thu, Oct 05, 2006 at 12:06:27PM -0400, Layne Fink wrote:
> I'm no expert.. but my first guess at this is you need to start the
> ssh-add agent on server1 as well.

No, that's not correct; this is the whole purpose of agent forwarding.

> There is also a way to make ssh-add global.. I believe that normally
> ssh-add only lasts for the current session, soon as you log out the add
> agent stops... something to do with editing your $HOME/.bash_profile or
> $HOME/.bashrc for BASH for example. I'll google a bit and give a for sure
> answer if someone else hasn't done so by then.

Adding a key to your agent with ssh-add works for any process which
can see the SSH_* environment variables which ssh-agent creates. The
easiest way to make all your shells see this is to use the X window
system, and start X using something like this:

    ssh-agent fvwm            # or whatever window manager you run
    ssh-agent gnome-session   # or startkde

or whatever... You can do this by adding such a line to your .xinitrc
(for startx) or .xsession (for sessions started from xdm/gdm/kdm
etc.). One of these needs to be executable (i.e. a shell script), but
I can never remember which one (I think it's .xsession). Make sure it
is executable using chmod.

When you do this, all ssh sessions from all of your xterms will be
able to see your agent. Just run ssh-add from any xterm to add your
key to your agent, and you're good to go. You can play games with
your .bashrc too if you prefer, but this method is far more elegant.

Derek D. Martin
GPG Key ID: 0x81CFE75D
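
Added example, not part of the original post: a shell function that reports whether the current process can reach an agent through the SSH_AUTH_SOCK variable it inherited, which is the condition behind "any process which can see the SSH_* environment variables". The name agent_status and its status strings are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post). agent_status is a
# hypothetical helper; it prints one status word and always returns 0.

agent_status() {
    sock=${SSH_AUTH_SOCK:-}
    if [ -z "$sock" ]; then
        echo "no-agent-env"        # shell was not started under ssh-agent
        return 0
    fi
    if [ ! -e "$sock" ]; then
        echo "stale-socket-path"   # variable inherited, but the agent is gone
        return 0
    fi
    if [ ! -S "$sock" ]; then
        echo "not-a-socket"        # variable points at something else
        return 0
    fi
    if [ ! -O "$sock" ]; then
        echo "socket-not-owned"    # socket belongs to a different user
        return 0
    fi
    if ! command -v ssh-add >/dev/null 2>&1; then
        echo "socket-present"      # cannot query further without ssh-add
        return 0
    fi
    # ssh-add -l exit status: 0 = keys listed, 1 = agent holds no
    # identities, 2 = unable to contact the agent.
    rc=0
    ssh-add -l >/dev/null 2>&1 || rc=$?
    case $rc in
        0) echo "agent-with-keys" ;;
        1) echo "agent-empty" ;;
        *) echo "agent-unreachable" ;;
    esac
}

# Report for the shell this script runs in.
echo "this shell: $(agent_status)"
```

Run it from an xterm started under the window manager and from a shell started some other way (a console login, a cron job) to see which ones inherited the agent.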