On Sun, Dec 13, 2009 at 10:13:54PM -0500, Brother Railgun of Reason wrote: > I'm trying to isolate a behavioral change in OpenSSH. This change is > present on only one of my machines so far. It is the only Gentoo > install I have up, running and complete at this time; it is ALSO the > only machine I have - yet - which is running OpenSSH 5.3p1. All the > rest are running 5.2p1. It very likely has nothing to do with OpenSSH per se, though I'm not an authority on what recent releases of SSH code are doing. However, some distros and/or desktop environments are now doing this for you by default. The idea here is that the only sensible way to start an ssh-agent is in the parent process of your X session (which is mostly true, though if you're a power user, you may want something else). In so doing, you make the agent available to all shell sessions started by your X session. In general, this is a Good Thing. The standard way for users to do this themselves is to create (or edit) ~/.xsession, make it an executable shell script, and do something like this in it: ssh-agent gnome-session Of course, Unix/Linux/etc. being what it is, there are a hundred variations on this theme, including yours. The desire to do this is so common nowadays that a lot of desktop environment types think they should just do it for you automatically, or at least present the option. The trouble is that the control of the starting up of an X session is a bit esoteric, and lots of people who use it (including some distro and desktop environment makers) don't seem to understand all the details (unsurprisingly; as I said, it's esoteric), and you end up with a lot of different brain-damaged customizations to the standard X startup scripts, some of which cause the above method to not work. For example, the GNOME and/or Ubuntu folks screwed this up pretty nicely here: https://bugs.launchpad.net/ubuntu/+source/gdm/+bug/398300 But I'm off on tangent, sorry. KDE has also done their own thing, where if you have the right magic in a config file, it will set up ssh-agent for you. And, at least on Ubuntu, there's a bit of shell code in /etc/X11/Xsession.d/90x11-common_ssh-agent that decides whether or not to automatically start an ssh-agent for you, again based on some esoteric config file. A quick search turns up this: http://www.gentoo.org/doc/en/keychain-guide.xml?style=printable It may contain the info you need, especially in the section "Using keychain with KDE" if you're a KDE user. Otherwise, you will probably have to fish around in /etc/X11 for something that starts ssh-agent. If you're in that boat, I'd try something like this: # cd /etc/X11; grep -r -i 'ssh-agent' * Happy hunting! -- Derek D. Martin http://www.pizzashack.org/ GPG Key ID: 0x81CFE75D
Attachment:
pgpjZvcBlgD9W.pgp
Description: PGP signature
