[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: How to re-lock ssh private key?



Cameron Simpson wrote:
On 03Mar2009 01:06, Robert Nichols <rnicholsNOSPAM comcast net> wrote:
After I've used ssh on a connection with RSA authorization and given
my keyring's passphrase to gnome-ssh-askpass, that keyring is now
unlocked and future connections can be made without the passphrase.
Is there a way, short of logging out and back in, to make the
passphrase required again for a connection?
[SNIP]
In searching for info I keep getting references to ssh-agent being
responsible for remembering the key, but I find that ssh-agent is
never executed on my system.

I wonder how you find that, since it _is_ ssh-agent which provides this
service. What specific checks have you made?


I renamed /usr/bin/ssh-agent to /usr/bin/xxx-agent and rebooted.
Everything worked just as before.  That file has no other hard links.

Go:

  env | grep '^SSH'

Is there an SSH_AUTH_SOCK?

Find the ssh and kill it. Or modify your envionment sufficiently to gain
control over the ssh-agent (or simply start your own). By using the -t
option to ssh-agent when you start it you can control how long an added
key starts "good". You can also add a key with ssh-add and specify a
timeout then.

The process at the other end of $SSH_AUTH_SOCK is
"gnome-keyring-daemon -d -login".  That process gets created when I log
in.  Killing it doesn't strike me as a good idea.  Indeed, other keyring
related stuff breaks if I do that.

--
Bob Nichols     "NOSPAM" is really part of my email address.
                Do NOT delete it.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]