Printable View
Is there any program or way to have ssh-add invoked whenever the
passphrase for the required key has not already been supplied? Ideally
the soltion would also allow for the passphrase to time-out after a
while if unused.
Am I asking too much?
Thanks.
[email]alan.larkin@gmail.com[/email] wrote:[color=blue]
> Is there any program or way to have ssh-add invoked whenever the
> passphrase for the required key has not already been supplied? Ideally
> the soltion would also allow for the passphrase to time-out after a
> while if unused.
>
> Am I asking too much?
>
> Thanks.[/color]
There are ways to set up keychain. But when do you want it to ask for the
keys? And how should it trigger a request for the reloading of it?
Nico Kadel-Garcia wrote:[color=blue]
> [email]alan.larkin@gmail.com[/email] wrote:[color=green]
> > Is there any program or way to have ssh-add invoked whenever the
> > passphrase for the required key has not already been supplied? Ideally
> > the soltion would also allow for the passphrase to time-out after a
> > while if unused.
> >
> > Am I asking too much?
> >
> > Thanks.[/color]
>
> There are ways to set up keychain. But when do you want it to ask for the
> keys? And how should it trigger a request for the reloading of it?[/color]
Well like I said, I would like it to ask for the keys only as required,
i.e. it should ask for a passphrase the first time ssh is run (assuming
the target ssh server has a corresponding public key - which leads me
to think this might only be possible by merging ssh/ssh-agent and
ssh-add). Subsequently that passphrase should not be required, a la
normal ssh/ssh-add behaviour. The time out would just be an added
bonus.
Nonsense, feasible, or existing?
<alan.larkin@gmail.com> wrote in message
news:1154592598.717898.14020@m73g2000cwd.googlegroups.com...[color=blue]
> Nico Kadel-Garcia wrote:[color=green]
>> [email]alan.larkin@gmail.com[/email] wrote:[color=darkred]
>> > Is there any program or way to have ssh-add invoked whenever the
>> > passphrase for the required key has not already been supplied? Ideally
>> > the soltion would also allow for the passphrase to time-out after a
>> > while if unused.
>> >
>> > Am I asking too much?
>> >
>> > Thanks.[/color]
>>
>> There are ways to set up keychain. But when do you want it to ask for the
>> keys? And how should it trigger a request for the reloading of it?[/color]
>
> Well like I said, I would like it to ask for the keys only as required,
> i.e. it should ask for a passphrase the first time ssh is run (assuming
> the target ssh server has a corresponding public key - which leads me
> to think this might only be possible by merging ssh/ssh-agent and
> ssh-add). Subsequently that passphrase should not be required, a la
> normal ssh/ssh-add behaviour. The time out would just be an added
> bonus.
>
> Nonsense, feasible, or existing?[/color]
The timeout and "on-demand" business make it interesting. What it sounds
like you really want is a wrapper for for the SSH and SCP and SFTP clients,
to only whine about the key if you happen to be at a console and otherwise
to simply call the SSH binary. I'm not aware of anyone having written this,
but it should be child's play to detect whether you are at a tty and do
appropriate things. I'd put it in your ~/bin directory, to keep it out of
other user's way.