On 16/01/2011, at 5:22 AM, bluethundr wrote:

> hello centos.. I am having a very annoying problem on my network right
> now. it looks like every time I try to add my ssh key to keychain I
> have to issue a command just to get my ssh subsystem communicating
> with the ssh-agent:
> 
> I have this line in my .bashrc file
> 
> $(keychain --eval --quick --quiet private_key1 private_key2 private_key3)

Should not this go into your ~/.bash_profile?

(disclaimer: I've not used the 'keychain' program before)

> If I try to perform ssh-add I get the message:
> 
> [bluethundr@VIRTCENT01:~]#ssh-add
> Could not open a connection to your authentication agent.
> 
> So then I try to execute ssh-agent:
> 
> 
> [bluethundr@amanda:~]#exec ssh-agent bash
> * Warning: can't find private_key1; skipping
> * Warning: can't find private_key2; skipping
> * Warning: can't find private_key3; skipping
> bash: SSH_AUTH_SOCK=/tmp/ssh-cdJlgq6077/agent.6077;: No such file or directory
> 

If SSH_AUTH_SOCK is not present, or ssh-agent is not running, then you would 
need to figure out where it should be started. (In your case, if it is not 
running, try removing the --quiet option to keychain or adding verbosity to see 
if it is or isn't starting the agent for you.) Typically, you only want this 
enabled on your workstation, and use SSH Agent Forwarding to access other 
machines recursively.

The agent should typically be started for you on your workstation (you don't 
say if you're using a graphical environment on your workstation: most would 
start ssh-agent for you when you log in.)

(Note that you shouldn't start ssh-agent in your ~/.bashrc or similar; you can 
easily get infinitely recursive behaviour.)

> Then I can add it.
> 
> [bluethundr@amanda:~]#ssh-add
> Enter passphrase for /home/bluethundr/.ssh/id_rsa:
> Identity added: /home/bluethundr/.ssh/id_rsa (/home/bluethundr/.ssh/id_rsa)
> 
> But if I ssh away from this box and then ssh back INTO it.. and then
> sometime later have to ssh away again it asks me for my ssh key's
> passphrase. See what I mean by 'annoying problem'?
> 

You want to use the SSH Agent Forwarding feature (ssh -A ...).

If you don't, then you would have to 'exec ssh-agent bash' followed by 'ssh-add 
...' prior to starting a recursive session.

Note that Agent Forwarding effectively means that you only need a keypair on 
your workstation, as if you log in from Workstation -> Server1 -> Server2, then 
Server2 will end up querying the key not from Server1, but from Workstation. 
For this to work, Agent Forwarding needs to be enabled on Server1 (which is, I 
think, the default behaviour, but I'm fairly new to CentOS so you may like to 
check that). 

> Thanks in advance for your help!
> 
> 
> 
> -- 
> GPG me!!
> 
> gpg --keyserver pgp.mit.edu --recv-keys F186197B
> _______________________________________________
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
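
Added example, not part of the original thread: a ~/.bash_profile fragment that reuses an agent that is already reachable (local, or forwarded with ssh -A) and starts a new one only when none is. The function names are hypothetical. It also shows why agent output has to pass through eval: with a bare $(...), bash tries to run the first word (SSH_AUTH_SOCK=/tmp/...;) as a command, which matches the "No such file or directory" error quoted above.

```shell
# Added example for ~/.bash_profile (login shells only, not ~/.bashrc).
# Function names are hypothetical; nothing here comes from the thread itself.

# Print the state of the agent named by SSH_AUTH_SOCK:
#   none    - variable unset or not pointing at a Unix socket
#   keys    - agent reachable and holding at least one identity
#   empty   - agent reachable but holding no identities
#   stale   - socket exists but no agent answers on it
#   unknown - socket exists but ssh-add is not installed to probe it
agent_state() {
    if [ -z "${SSH_AUTH_SOCK:-}" ] || [ ! -S "$SSH_AUTH_SOCK" ]; then
        echo none
        return 0
    fi
    command -v ssh-add >/dev/null 2>&1 || { echo unknown; return 0; }
    rc=0
    ssh-add -l >/dev/null 2>&1 || rc=$?   # 0 = keys, 1 = no keys, 2 = no agent
    case $rc in
        0) echo keys ;;
        1) echo empty ;;
        *) echo stale ;;
    esac
}

# Load the "VAR=value; export VAR;" text printed by `ssh-agent -s` or
# `keychain --eval`. It must be eval'd; running it via a bare $(...) does not
# set any variable, because the expanded text is treated as a command name.
load_agent_env() {
    eval "$1"
}

# Reuse a live agent (so a forwarded one is never replaced); otherwise start one.
ensure_agent() {
    case $(agent_state) in
        keys|empty|unknown) return 0 ;;
    esac
    command -v ssh-agent >/dev/null 2>&1 || return 1
    load_agent_env "$(ssh-agent -s)" >/dev/null
}

# In ~/.bash_profile: ensure_agent && [ "$(agent_state)" = empty ] && ssh-add
```
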
