I'm trying to isolate a behavioral change in OpenSSH. This change is present on only one of my machines so far. It is the only Gentoo install I have up, running and complete at this time; it is ALSO the only machine I have - yet - which is running OpenSSH 5.3p1. All the rest are running 5.2p1. I have a persistent-auth scheme that I have been using for over ten years. It involves .bash_profile starting a persistent ssh-agent when I log into a machine on my network remotely via ssh for the first time, and saving the agent's environment variables in .ssh/agent.$HOSTNAME so that it can be sourced by subsequent logins by the same user, allowing the user to share the same ssh-agent across multiple successive or concurrent logins as long as it remains present. On the one machine that has been updated to 5.3p1, however, and ONLY on that machine, an extra ssh-agent is being started "for me", NOT by me, which is screwing up my scripting. It writes its variables into the subtly different .ssh/agent-$HOSTNAME, or if that already exists, .ssh/agent-$HOSTNAME-ssh. I can't use this ssh-agent in the persistent manner described above because it self-terminates as soon as the login that it was started for exits. This makes it about as much use to me as a bicycle to a fish. Is this a behavioral change in OpenSSH? If so, is there a way to disable it? It's not useful to me, and in fact caused me quite a few headaches until I figured out what was going on. For now, I'm resorting to killing the unwanted ssh-agent before starting my own, but this is a bit of a brute-force approach and not really ideal. (But then, starting an ssh-agent by default for every remote login without even trying to find out whether the user or the system administrator wants one started or not doesn't seem to me like a very good idea in the first place.) If it's NOT OpenSSH's doing, then I need to dig further into the Gentoo login auth system and try to find whether they're doing it. -- Phil Stracchino, CDK#2 DoD#299792458 ICBM: 43.5607, -71.355 alaric@xxxxxxxxxxxxxx alaric@xxxxxxxxxxxxx phil@xxxxxxxxxxxxxxx Renaissance Man, Unix ronin, Perl hacker, Free Stater It's not the years, it's the mileage.