Keep ssh-agent running on remote machine - SSH

This is a discussion on Keep ssh-agent running on remote machine - SSH ; What is the canonical way to keep a ssh-agent running on a remote machine? This agent has to be given a passphrase to be started. I want to run rsnapshot backups across two remote machines. The one running rsnapshot will ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: Keep ssh-agent running on remote machine

  1. Keep ssh-agent running on remote machine

    What is the canonical way to keep a ssh-agent running on a remote
    machine? This agent has to be given a passphrase to be started.

    I want to run rsnapshot backups across two remote machines. The one
    running rsnapshot will need the agent running to avoid needing manual
    intervention for passwd.

    Of course starting the agent needs a passphrase too so how to automate
    that?



  2. Re: Keep ssh-agent running on remote machine

    reader@newsguy.com wrote in news:874q2yqubd.fsf@newsguy.com:

    > What is the canonical way to keep a ssh-agent running on a remote
    > machine? This agent has to be given a passphrase to be started.
    >
    > I want to run rsnapshot backups across two remote machines. The one
    > running rsnapshot will need the agent running to avoid needing manual
    > intervention for passwd.
    >
    > Of course starting the agent needs a passphrase too so how to automate
    > that?



    I don't think you can load a passphrase protected identity automatically.
    The first time I need the agent I load it manually (or at boot time), and
    save the outputted enviroment settings to a shell script. I then source
    the shell script and manually add the identity to it - once. Until the
    machine reboots that agent will retain the identity and all you need to do
    is source the shell script to access it.

    Be careful to protect this shellscript from unauthroized users. If they
    can source it, they can authenticate as whatever identity is cached by the
    agent.

    There's also a shell script named "keychain" (you should be able to google
    it) that automates all this.

    HTH

+ Reply to Thread