SSH and ssh-agent

    Date24 Nov 2004
    5876
    Posted ByAnthony Pell
    No one likes typing passwords. If people had their way, computers would simply know who they were and what they should have access to without us proving it at every turn. In my last article I showed you how to create SSH Identities/Pubkeys, which can be used as an alternative to password authentication. . . . No one likes typing passwords. If people had their way, computers would simply know who they were and what they should have access to without us proving it at every turn. In my last article I showed you how to create SSH Identities/Pubkeys, which can be used as an alternative to password authentication. However, I then went right back and told you to passphrase protect them, so now you were substituting one password for another, seemingly gaining nothing.

    This week we have the payoff. We'll take the Identity/Pubkey trust we created last time, and learn how to use the ssh-agent program as our keymaster. We'll decrypt our keys once, put them in into the agent, and have it handle all our authentication needs thereafter.

    Starting up the Agent

    To start up the agent you can simply run it on the command line:


    $ ssh-agent

    SSH_AUTH_SOCK=/tmp/ssh-OqdW7921/agent.7921; export SSH_AUTH_SOCK;

    SSH_AGENT_PID=7922; export SSH_AGENT_PID;

    echo Agent pid 7922;

    When the agent starts, it writes some information to your screen that you can use to set up your shell's environment variables. In the above example, it is using Bourne shell syntax. If you were in a C-shell, say /bin/csh or /bin/tcsh, then it would have generated the variables differently. If ssh-agent can't determine which shell you are using correctly, you can use the -s or -c arguments to force it to provide Bourne or C-shell syntax, respectively.

    You are not authorised to post comments.

    LinuxSecurity Poll

    Do you reuse passwords across multiple accounts?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    /component/communitypolls/?task=poll.vote
    13
    radio
    [{"id":"55","title":"Yes","votes":"0","type":"x","order":"1","pct":0,"resources":[]},{"id":"56","title":"No","votes":"0","type":"x","order":"2","pct":0,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.