I set up a new user account for a friend on Kubuntu 12.04. When he uses ssh he gets this error:
Could not open a connection to your authentication agent
We're running ssh in some bash scripts.
After looking around at the wide variety of things that can lead to that error, I came across this solution:
$ eval `ssh-agent -s`
$ ssh-add ~/.ssh/some_id_rsa
Then he can run the ssh commands (and bash scripts) as expected.
Before running those two commands, the env variables are not set in a terminal:
$ echo $SSH_AGENT_PID
$ echo $SSH_AUTH_SOCK
$
After running the commands, the env variables are set as expected. However, they do not stay set (e.g., in a different shell or after rebooting).
I want to know how to set up his computer so he doesn't have to run those two commands to set the env variables. I do not need to run them on my computer (ever). So far I am not seeing what is different between our machines.
I see this info in the man page, but it does not tell me how Ubuntu is normally setting up the agent automatically or what is happening on my friend's machine so that this is not working for him.
There are two main ways to get an agent set up: The first is that the agent starts a new subcommand into which some environment variables are exported, eg ssh-agent xterm &. The second is that the agent prints the needed shell commands (either sh(1) or csh(1) syntax can be generated) which can be evalled in the calling shell, eg eval
ssh-agent -sfor Bourne-type shells such as sh(1) or ksh(1) and evalssh-agent -cfor csh(1) and derivatives.
After installing acct and rebooting, this is the output of lastcomm:
ssh-agent F newuser __ 0.12 secs Wed Aug 7 11:02
ssh-agent F newuser __ 0.00 secs Wed Aug 7 20:34
ssh-agent F newuser __ 0.02 secs Wed Aug 7 20:02
ssh-agent F newuser __ 0.01 secs Thu Aug 8 12:39
ssh-agent F newuser __ 0.02 secs Thu Aug 8 07:45
From the man page:
F -- command executed after a fork but without a following exec
I'm not sure if that is significant.
You mentioned your user is sshing in, not logging in locally. So the use-ssh-agent in /etc/X11/Xsession.options is a red herring: it won't be executed on SSH sessions, only when logging into a X11 GUI desktop locally (or using some virtual X11 session like over VNC or RDP).
Instead, you should check if libpam-ssh is installed on either system. It can be configured to authenticate a user using SSH private key passphrases, but that is optional and you'll need to specifically place the key to ~/.ssh/login-keys.d/ for that functionality.
Its other feature, though, is to auto-start a SSH agent on any login session and automatically add SSH private keys to the agent if their passphrase is the same as the user's login password. I'm thinking this might be the cause of the different behavior between your systems.
이 기사는 인터넷에서 수집됩니다. 재 인쇄 할 때 출처를 알려주십시오.
침해가 발생한 경우 연락 주시기 바랍니다[email protected] 삭제
몇 마디 만하겠습니다