Zsh Mailing List Archive Messages sorted by: Reverse Date, Date, Thread, Author

Re: Backgrounding part of 'ssh-agent $cmd'

X-seq: zsh-users 17579
From: Daniel Shahaf <d.s@xxxxxxxxxxxxxxxxxx>
To: Bart Schaefer <schaefer@xxxxxxxxxxxxxxxx>
Subject: Re: Backgrounding part of 'ssh-agent $cmd'
Date: Fri, 18 Jan 2013 08:18:45 +0200
Cc: zsh-users@xxxxxxx
Dkim-signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= daniel.shahaf.name; h=date:from:to:cc:subject:message-id :references:mime-version:content-type:in-reply-to; s=mesmtp; bh= ZAa/Xq3AqDho24MqkdQOC8g6N9c=; b=yy66NbXFuW3ROHVeRCircbc3vrdyV2/h 2hnl2ErbHMZw+tI17ySXl8TQP4l5sv+fAf2caVXBVRB6+9nnp8PYGPSZK4sepNab Po5mubVCgIOuAGO9n/NHij8zKdfpQ9X19MyiZCmowNs2oJgohyw9ULAPafHTMjMd Q1wb5TSvMts=
Dkim-signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=date:from:to:cc:subject:message-id :references:mime-version:content-type:in-reply-to; s=smtpout; bh=ZAa/Xq3AqDho24MqkdQOC8g6N9c=; b=QRVmfG0f00lblvdcSDxQeJj+v9cY mL8qIXVnZCvoiFPAMgfZ0hfdnNvR7Ozqemy/vw5Kxul3cx660QVPQ3GcotS71ZMP eYMMQydv89Bf3f6CmLHFNHWld+8vNu5ow//nbyqQzpRkrg4cuO3GzDHWvwK3OhqW 897JmycHHINUi0w=
In-reply-to: <130116093514.ZM19656@torch.brasslantern.com>
List-help: <mailto:zsh-users-help@zsh.org>
List-id: Zsh Users List <zsh-users.zsh.org>
List-post: <mailto:zsh-users@zsh.org>
Mailing-list: contact zsh-users-help@xxxxxxx; run by ezmlm
References: <20130116065951.GA2992@lp-shahaf.local> <130116093514.ZM19656@torch.brasslantern.com>

Bart Schaefer wrote on Wed, Jan 16, 2013 at 09:35:14 -0800:
> On Jan 16,  8:59am, Daniel Shahaf wrote:
> } Subject: Backgrounding part of 'ssh-agent $cmd'
> }
> } More specifically, my workflow involves establishing several 'ssh -MNf'
> } connections every morning
> 
> Are you running this on an Xorg desktop?  Some Xorg distributions set
> up ssh-agent directly under the session manager so all applications
> on the desktop use the same agent.  Unless you specifically need to
> run a separate agent for this, you might check whether one is already
> available.

Yes, and yes my distribution sets up a session-global ssh-agent
instance.  Using a separate agent was a means to an end: not having the
ssh keys decrypted in memory whilst the laptop is hibernating.

> I source a file from my .zlogin that looks like this
> (details elided):
> 
>   (( SSH_AGENT_PID )) || return 0
>   [[ $(ssh-add -L) = *"no identities"* ]] || return 0
>   ssh-add ...
> 
> The ssh-add command in this setup is clever enough to invoke zenity or
> gdialog or the equivalent to pop up a window for the password.  Have
> you tried something like
> 
>     ssh-add ~/.ssh/foo.id_rsa </dev/null >>& .ssh-add-errors
> 
> to see if it finds some other way to prompt you?  If that works, then
> you can just background the entire foo_ssh_preseed call, whether or
> not you already have an ssh-agent for the desktop session.

Yes, 'ssh-add ~/.ssh/foo.id_rsa </dev/null' does prompt
me with a GUI window.

> 

So, combining your and Christian's inputs, it appears I have two options:

- Add the key to the global agent at login (or after hibernte), and
  install a suspend- or screensaver- hook that clears the agent.

- Retain my current code, with the following modification:
  * 'ssh-add foo.id_rsa' -> 'ssh-add foo.id_rsa </dev/null'
  * 'foo_ssh_preseed' -> 'foo_ssh_preseed &'

I've tried the second approach and it appears to work as intended: I get
prompted for my SSH password (graphically), then foo_ssh_preseed runs in
the background (dumping stderr to foreground) and foo_main proceeds in
the foreground.

Which is what I was after; thank you.

Thanks also to Christian for the pointers to the suspend- and
screensaver- hooks --- I haven't tried them yet, but they represent
a viable alternative.

Cheers

Daniel

Follow-Ups:
- Re: Backgrounding part of 'ssh-agent $cmd'
  - From: Bart Schaefer

References:
- Backgrounding part of 'ssh-agent $cmd'
  - From: Daniel Shahaf
- Re: Backgrounding part of 'ssh-agent $cmd'
  - From: Bart Schaefer

Messages sorted by: Reverse Date, Date, Thread, Author