[lug] SSH notes for meeting August 8, 2002

Michael Hirsch mhirsch at nubridges.com
Mon Aug 12 07:14:59 MDT 2002


On Sun, 2002-08-11 at 15:29, Rob Judd wrote:
> > > My slides for the demo on using keys with SSH may be found at
> > > http://www.math.du.edu/~rjudd/cryptography/notes/
> 
> [ snip ]
> 
> > > So my question is: are there any user-definable scripts that KDE and Gnome
> > > run where you could put this line as a regular user?  I would like to add
> > > that information to my slides.
> >
> > I don't know about the install locations for all things on all
> > distributions, but there is (at least on RH) /etc/X11/xinit/xinitrc.d/,
> > with a startup purpose similar to the system init scripts. If you place
> > an executable file or shell script in that directory, I believe it will
> > go through each name it finds with a "for each file found" type script.
> > I do not know if it will do all that you want or not, but I added
> > "xhost.xinitrc" there to run the proper xhost commands for my setup. I
> > think this works regardless of whether a display manager is used or not
> > (e.g., xdm, kdm, gdm). You'll also see other directories that you can
> > poke around that have some useful properties.
> 
> This is the same, albeit in a different location, as editing startkde,
> Xsession, or whatever.  I would like a solution that doesn't require root
> privileges.

Evelyn Mitchell wrote the correct solution by quoting 
http://www.linuxgazette.com/issue67/nazario2.html:
  A second modification you can do is to start your X desktop, such as
  GNOME or KDE, as the argument to ssh-agent. This will cause every X
  client locally started to be aware of how to communicate with the
agent,
  allowing for greater ease when you use terminals to log in to other
  hosts. 

To expand on this, most recent distributions will check for the
existence of .Xclients, .Xsession or .xinitrc (depending on the
distributions) and execute it if it is there.  For instance, RedHat
executes ~/.Xclients when available.  If you run switchdesk and select
KDE, RedHat will make your .Xclients read:
#!/bin/bash

# Created by Red Hat Desktop Switcher

if [ -e "$HOME/.Xclients-$HOSTNAME$DISPLAY" ]; then
    exec $HOME/.Xclients-$HOSTNAME$DISPLAY
else
    exec $HOME/.Xclients-default
fi

and .Xclients-default will be 
# Created by Red Hat Desktop Switcher
exec startkde

The trick is to edit one (either) of these files to make sure that
ssh-agent is executed.  I edited my .Xclients to be:
#!/bin/bash

# Created by Red Hat Desktop Switcher

if [ -e "$HOME/.Xclients-$HOSTNAME$DISPLAY" ]; then
    exec $HOME/.Xclients-$HOSTNAME$DISPLAY
else
    exec ssh-agent $HOME/.Xclients-default
fi

So .Xclients-default runs as a sub-process of ssh-agent.

Next, in my KDE startup directory (~/.kde/Autostart) I have a script
that runs ssh-add on my identity files.  These in turn prompt me to
enter the passphrase in a nice little window during the startup process.

Hope that helps,

Michael





More information about the LUG mailing list