This is the mail archive of the cygwin@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

RE: ssh-agent



> -----Original Message-----
> From: Brian Gallew [mailto:geek@burri.to]
> Sent: Monday, May 20, 2002 8:54 PM
> To: cygwin@cygwin.com
> Subject: ssh-agent
> 
> 
> I'm trying to use ssh-agent in a useful manner on my laptop.  So, my
> desired state is to run the agent as a service.  Here's the command
> I'm using to *try* to install it.
> cygrunsrv.exe --install ssh-agent -p /bin/ssh-agent -a "-d"
> 
> Sadly, the service fails to start.  Any ideas?
> 
> If it matters, I updated my cygwin install at 0900 EST today and I'm
> running it on top of XP.
> 

You might want to look at the tool 'keychain'.  In the setup.exe
Category window, it's in the 'Utils' group.  Here's what it displays
when you enter: $ keychain --help


KeyChain 1.8; http://www.gentoo.org/projects/keychain
 Copyright 2001 Gentoo Technologies, Inc.; Distributed under the GPL
Usage: /usr/bin/keychain [ options ] sshkey ...

Description:

 Keychain is an OpenSSH key manager, typically run from ~/.bash_profile.
When
 run, it will make sure ssh-agent is running; if not, it will start
ssh-agent.
 It will redirect ssh-agent's output to ~/.ssh-agent-[hostname], so that
cron
 jobs that need to use ssh-agent keys can simply source this file and
make the
 necessary passwordless ssh connections.  In addition, when keychain
runs, it
 will check with ssh-agent and make sure that the ssh RSA/DSA keys that
you
 specified on the keychain command line have actually been added to
ssh-agent.
 If not, you are prompted for the appropriate passphrases so that they
can be
 added by keychain.

 Typically, one uses keychain by adding the following to the top of
their
 ~/.bash_profile (or ~/.zlogin, in case of zsh):

  keychain ~/.ssh/id_rsa ~/.ssh/id_dsa
  . ~/.ssh-agent-${HOSTNAME}

  # alt. syntax: . ~/.ssh-agent-`uname -n`
  # note the use of back-quotes (`) rather than single-quotes (') above.
  # We now append the hostname (`uname -n`) to the .ssh-agent filename
  # for NFS-compatibility.

 You can make keychain work with your csh-compatible shell by adding the
 following to your .cshrc:

  keychain ~/.ssh/id_rsa ~/.ssh/id_dsa
  source ~/.ssh-agent-csh-${HOSTNAME}

 Keychain allows all your apps and cron jobs to use a single ssh-agent
process
 as an authentication agent.  By default, the ssh-agent started by
keychain is
 long-running and will continue to run, even after you have logged out
from the
 system.  If you'd like to tighten up security a bit, take a look at the
 --clear option, described below.

Options:

 --local

 Prevents keychain from appending the hostname to any of the files.
This
 makes life simpler in a non NFS world.

 --clear

 Tells keychain to delete all of ssh-agent's host keys.  Typically, This
is
 used in the ~/.bash_profile.  The theory behind this is that keychain
should
 assume that you are an intruder until proven otherwise.  However, while
this
 option increases security, it still allows your cron jobs to use your
ssh keys
 when you're logged out.

 --noask

 This option tells keychain do everything it normally does (ensure
ssh-agent is
 running, set up the ~/.ssh-agent-[hostname] file) except that it will
not
 prompt you to add any of the keys you specified if they haven't yet
been added
 to ssh-agent.

 --nocolor

 This option disables color highlighting for non vt-100-compatible
terms.

 --stop | -k

 This option tells keychain to stop all running ssh-agent processes, and
then
 exit.

 --quiet | -q

 This option tells keychain to turn off verbose mode and only print
error
 messages and interactive messages. This is useful for login scripts
etc.

=============

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]