Re: ssh-agent (was: using a remote IMAP server and smarthost)

On Thu, Aug 30, 2007 at 01:00:44AM +0200, Florian Kulzer wrote:
On Tue, Aug 28, 2007 at 20:09:03 +0100, Richard Lyons wrote:
But, again if I understand Florian's earlier post, Method 2 requires the
use of sssh-agent. And I cannot see fromt he man page how to use it or
configure it.

IF I simply let mutt run the script as above, I get

ssh_askpass: exec(/usr/bin/ssh-askpass): No such file or directory^M
ssh_askpass: exec(/usr/bin/ssh-askpass): No such file or directory^M
ssh_askpass: exec(/usr/bin/ssh-askpass): No such file or directory^M
Permission denied (publickey,keyboard-interactive).

So I think I really need the ssh-agent. Help anybody?

Ssh-agent is part of the openssh-client package. It should be started
with every X session by the /etc/X11/Xsession.d/90x11-common_ssh-agent
script. (See "ps -e | grep ssh-agent".)

However, ssh-agent needs a frontend to handle the interaction with the
user when a passphrase for a private key has to be entered. This seems
to be what you are missing. Install one of the packages that provide
"ssh-askpass":
...

You can also explicitly provide a shell to ssh-agent, authorize using
ssh-add, and then ssh to any host on which you've placed your public
key(s) in .ssh/authorized_hosts. I do that sometimes from consoles on
hosts not running X, for instance, e.g.,

$ ssh-agent bash
$ ssh-add # ... prompts for passphrase
$ ssh somehost
$ ...

The keychain package can help when it comes to running cron jobs and
such by providing a script which you source to set a few variables to
the authorized keys. You need to connect to the host once to authorize
those keys, but after that the jobs can run autonomously. Not sure if
this is relevant...

Ken

--
Ken Irving, fnkci+debianuser@xxxxxxx


--
To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx
with a subject of "unsubscribe". Trouble? Contact listmaster@xxxxxxxxxxxxxxxx

Relevant Pages

  • RE: sftp question
    ... Passwordless login is kind of unsafe, one way to login without being ... Prompted repeteadly is to use ssh-agent ... On host A from where you want to connect to another machine host B ... From the same shell you can do ssh as many times without being prompted ...
    (SSH)
  • Re: using expect with ssh
    ... to use ssh-agent and agent forwarding to manage logins. ... ssh to connect to the remote host. ... I don't think it'll in anyway be less secure than typing all the ... Of course, if you want to fully automate the script, you can put your ...
    (comp.os.linux.misc)
  • Re: ssh&scp batch
    ... >if i execute my script via the console, ... Stuff that fails when called by cron but works from elsewhere ... In this case I suspect the stuff derived from ssh-agent is missing: ...
    (comp.security.ssh)
  • Re: SFTP in batch mode
    ... ssh-keygen a key without a pass phrase. ... use ssh-agent ... the environment variables to the batch jobs. ... Now, in the batch script: ...
    (comp.security.ssh)
  • problem with ssh-agent
    ... on machine a i have a scipt, which is using scp and ssh. ... eliminate a need for providing a user password when a execute this ... have ssh-agent running on machine a and ssh on ... execute this script. ...
    (comp.unix.solaris)