Problem with ssh-agent and ssh-add - SSH


  1. Problem with ssh-agent and ssh-add


    Hi All,

    We have our program which starts the ssh-agent and stores its
    environment variables in a hash dictionary. Another function in the
    same program would read these environment variables, set the same
    (using putenv()), start a pty and then add the key to the agent using
    ssh-add (pty is started in order to give the passphrase as the input).

    But, while executing ssh-add, we are getting the error "Could not open
    a connection to your authentication agent.". We have ensured that
    environment variables are set by executing getenv().

    It would be very helpful and greatly appreciated if anyone can help us
    in solving this problem.

    Thanks
    Guru


  2. Re: Problem with ssh-agent and ssh-add

    On 2005-11-07, sgprasad@dacafe.com wrote:

    > We have our program which starts the ssh-agent and stores its
    > environment variables in a hash dictionary. Another function in the
    > same program would read these environment variables, set the same
    > (using putenv()), start a pty and then add the key to the agent using
    > ssh-add (pty is started in order to give the passphrase as the input).
    >
    > But, while executing ssh-add, we are getting the error "Could not open
    > a connection to your authentication agent.". We have ensured that
    > environment variables are set by executing getenv().


    Better post your program I think.

    --
    Elvis Notargiacomo master AT barefaced DOT cheek
    http://www.notatla.org.uk/goen/
    Powergen write "Why not stay with us" - let me count the ways!

  3. Re: Problem with ssh-agent and ssh-add

    Thanks.


    Within a process, we are starting the agent like this,
    code extract:

    fp = popen("ssh-agent -s","r");
    while(fgets(temp_buff,100,fp) !=NULL)
    {
        if(line_count ==2){
            break;
        }
        line_count++;

        char *buff;
        buff= new char[100];
        bzero(buff,100);

        int i =0, buff_len =0, rc1;
        for(int j=0;j<100;j++)
        {
            if(temp_buff[j] == ';')
            {
                i =0;
                buff_len = strlen(buff);
                if(line_count == 1)
                {
                    env_value->agentEnvs->env1 = new char[buff_len+1];
                    strncpy(env_value->agentEnvs->env1,buff,buff_len);
                    env_value->agentEnvs->env1[buff_len] = '\0';
                    env_value->len1 = buff_len+1;
                    rc1= putenv(env_value->agentEnvs->env1); //Here !!
                    bzero(buff,100);
                    break; //Out of the for loop
                }
                else if(line_count == 2)
                {
                    env_value->agentEnvs->env2 = new char[buff_len+1];
                    strncpy(env_value->agentEnvs->env2,buff,buff_len);
                    env_value->agentEnvs->env2[buff_len] = '\0';
                    env_value->len2 = buff_len+1;
                    rc1= putenv(env_value->agentEnvs->env2); //Here !!
                    bzero(buff,100);
                    break; //Out of the for loop
                }
            }
            buff[i++] = temp_buff[j];
        }
    }
    pclose(fp);
    system("ssh-add -l"); //testing purpose


  4. Re: Problem with ssh-agent and ssh-add


    > pclose(fp);
    > system("ssh-add -l"); //testing purpose


    I imagine the pclose() terminates the agent.

    --
    Richard Silverman
    res@qoxp.net


  5. Re: Problem with ssh-agent and ssh-add

    On 2005-11-07, Richard E. Silverman wrote:
    >
    >> pclose(fp);
    >> system("ssh-add -l"); //testing purpose

    >
    > I imagine the pclose() terminates the agent.


    Probably not since ssh-agent daemonizes itself (and since it writes
    the pid of the daemon process to stdout which is read earlier, it's
    guaranteed to have happened by then).

    To the OP: are you trying to run ssh-agent and ssh-add as different
    uids? On platforms that support it, ssh-agent will use getpeereuid()
    to determine the user on the other end of the socket connection and
    will refuse to talk to any processes running as a user other than the
    one that started the agent.

    What exactly do the SSH_* environment variables get set to? I had
    difficulty following your code, but inside the while loop it seemed to
    be trying to do something like:

        if ((p = strchr(temp_buff, ';')) != NULL) {
            *p = '\0';
            putenv(temp_buff);
        }

    --
    Darren Tucker (dtucker at zip.com.au)
    GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
    usually comes from bad judgement.

  6. Re: Problem with ssh-agent and ssh-add

    Thanks again for your replies.

    Both ssh-agent and ssh-add are run by the same user.

    While we start the agent, we are capturing the ssh-agent environment
    variables (SSH_AUTH_SOCK and SSH_AGENT_PID) and storing it.
    i.e., the cmd "ssh-agent -s" would result in an output like this,
    SSH_AUTH_SOCK=/tmp/ssh-QDL22304/agent.22304; export SSH_AUTH_SOCK;
    SSH_AGENT_PID=22306; export SSH_AGENT_PID;
    echo Agent pid 22306;
    Here, we are cutting the first env SSH_AUTH_SOCK until we find the
    delimiter ";" and then we are appending a null character "\0" for the
    cut string. Similarly, two env variables are extracted and stored.
    Well, then this string is given as input for putenv().

    Thanks...


  7. Re: Problem with ssh-agent and ssh-add

    On 2005-11-08, sgprasad@dacafe.com wrote:
    > Thanks again for your replies.
    >
    > Both ssh-agent and ssh-add are run by the same user.
    >
    > While we start the agent, we are capturing the ssh-agent environment
    > variables (SSH_AUTH_SOCK and SSH_AGENT_PID) and storing it.
    > i.e., the cmd "ssh-agent -s" would result in an output like this,
    > SSH_AUTH_SOCK=/tmp/ssh-QDL22304/agent.22304; export SSH_AUTH_SOCK;
    > SSH_AGENT_PID=22306; export SSH_AGENT_PID;
    > echo Agent pid 22306;
    > Here, we are cutting the first env SSH_AUTH_SOCK until we find the
    > delimiter ";" and then we are appending a null character "\0" for the
    > cut string. Similarly, two env variables are extracted and stored.
    > Well, then this string is given as input for putenv().



    I reckon you're mishandling the strings somewhere.
    I didn't follow you in detail but you made it look complicated
    (when you're building a string char-by-char you know the length
    and don't need strlen()).

    See how this does.

    #include <stdio.h>
    #include <stdlib.h>
    #include <string.h>

    int main(void)
    {
        FILE *fp;
        char temp_buff[110];
        int line_count=0;
        int rc;
        char *cp, *cp2;

        fp = popen("ssh-agent -s","r");
        if (!fp) {
            perror("popen");
            exit(1);
        }
        while(fgets(temp_buff,100,fp) !=NULL)
        {
            // only the first two lines carry the variables
            if (line_count++ == 2) break;

            // cut the line at the first ';' to leave NAME=value
            cp=strchr(temp_buff, ';');
            if (cp) *cp='\0';

            // compulsory strdup() - putenv won't make a copy
            cp2=strdup(temp_buff);
            if (!cp2) {
                fprintf(stderr, "OOM at %d:%s\n", __LINE__, __FILE__);
                exit(1);
            }
            printf("PUTENV(%s)\n", cp2);
            rc=putenv(cp2);
            printf("rc from putenv is %d\n", rc);
        }
        pclose(fp);

        // confirm both variables are visible in this process
        printf("TEST ENV\n");
        cp=getenv("SSH_AUTH_SOCK");
        if (cp) {
            printf("%s\n", cp);
        } else {
            printf("SSH_AUTH_SOCK not in env\n");
        }
        cp=getenv("SSH_AGENT_PID");
        if (cp) {
            printf("%s\n", cp);
        } else {
            printf("SSH_AGENT_PID not in env\n");
        }

        // the child inherits the environment set above
        system("ssh-add -l");
        return 0;
    }



    --
    Elvis Notargiacomo master AT barefaced DOT cheek
    http://www.notatla.org.uk/goen/
    Powergen write "Why not stay with us" - let me count the ways!
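
A diagnostic for the failure discussed in this thread, as an added example that is not part of any post: it probes the socket a client such as ssh-add would use and reports which step fails (variable unset, path that is not a socket, for instance because a stray newline was kept, owner differing from the caller's euid, or connect() failure). The function and enum names are hypothetical, and the owner comparison is an assumption of this example, not OpenSSH's own check.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/un.h>
#include <unistd.h>

enum agent_status {          /* hypothetical names, for this example only */
    AGENT_OK,                /* connect() succeeded */
    AGENT_ENV_UNSET,         /* SSH_AUTH_SOCK missing or empty */
    AGENT_PATH_INVALID,      /* too long, missing, or not a socket */
    AGENT_OWNER_MISMATCH,    /* socket owned by a uid other than our euid */
    AGENT_CONNECT_FAILED     /* nothing listening or access denied */
};

/* Try to reach the UNIX-domain socket at sock_path as a client would. */
enum agent_status probe_agent_socket(const char *sock_path)
{
    struct sockaddr_un sa;
    struct stat st;
    int fd, rc;

    if (sock_path == NULL || *sock_path == '\0')
        return AGENT_ENV_UNSET;
    if (strlen(sock_path) >= sizeof(sa.sun_path))
        return AGENT_PATH_INVALID;
    if (stat(sock_path, &st) != 0 || !S_ISSOCK(st.st_mode))
        return AGENT_PATH_INVALID;   /* e.g. value still ends in '\n' */
    if (st.st_uid != geteuid())
        return AGENT_OWNER_MISMATCH; /* the different-uid case from the thread */

    memset(&sa, 0, sizeof(sa));
    sa.sun_family = AF_UNIX;
    strcpy(sa.sun_path, sock_path);  /* length checked above */
    fd = socket(AF_UNIX, SOCK_STREAM, 0);
    if (fd < 0)
        return AGENT_CONNECT_FAILED;
    rc = connect(fd, (struct sockaddr *)&sa, sizeof(sa));
    close(fd);
    return rc == 0 ? AGENT_OK : AGENT_CONNECT_FAILED;
}

/* Probe whatever SSH_AUTH_SOCK points at in the current environment. */
enum agent_status probe_agent_env(void)
{
    return probe_agent_socket(getenv("SSH_AUTH_SOCK"));
}

int main(void) { return probe_agent_env(); }  /* exit 0 when reachable */
```

Calling `probe_agent_env()` right after the putenv() calls, in the same process that will launch ssh-add, shows whether the value set is usable before any child is started.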
