Red Hat Bugzilla – Bug 32229
xinitrc should use ssh-agent
Last modified: 2007-04-18 12:32:15 EDT
Since openssh is now legal for export and is included by default w/ Red
Hat, etc., xinitrc should be configured to use ssh-agent by default, if
it is present.
(i.e. inside a `if [ -x /usr/bin/ssh-agent ]; then` block)
if [ -x /usr/bin/ssh-agent ]; then
then all the exec lines become
exec $SSH_AGENT <foo>
Not that I've done this by hand to every RH distro since 6.0... no, not at all.
Nor have I added ssh-add to the autorun folders on all those systems
You want a patch?
Sure, send me a patch. I can't guarantee it will get into our next
release, however, if it doesn't, I will certainly try to add the
functionality into XFree ASAP after that, perhaps in an errata.
Created attachment 13065 [details]
patch to use ssh-agent when available.
not tested, but looks "obviously right" needs "%patch0 -p1" in .spec file.
quick test. "Works For Me(TM)", both w/ ssh-agent and w/o.
Ok thanks. I'll look into this for a future release. Looks like a good
idea to me.
I've investigated the attached patch, and discussed it with a few
other developers here. One problem with this patch is that it
does not do anything to detect an already running ssh-agent, nor
does it try to shut down ssh-agent on exit.
In order for such a patch to become part of the shipping XFree86,
it needs to be clean, and handle this. A few people here have
tried to implement this already but were unable to come up with
a clean solution.
I'm closing this as I do not see enough benefit returned for
engineering time that would be spent trying to solve this,
and test and debug it until it works properly.
(Another case it would have to handle, is the case where a user
already starts ssh-agent from ~/.bash_profile, or similar)
1) Quitting SSH agent.
When ssh-agent is run with an argument following, it exits when the program
following it does. For example:
$ ssh-agent bash
$ echo $SSH_AGENT_PID
$ ps auwwx | grep 9240
kilpatds 9240 0.0 0.3 2388 792 ? S 22:38 0:00 ssh-agent bash
kilpatds 9267 0.0 0.2 1732 600 pts/3 R 22:38 0:00 grep 9240
$ ps auwwx | grep 9240
kilpatds 9282 0.0 0.2 1732 600 pts/3 S 22:38 0:00 grep 9240
As the patch in question executed the rest of the Xclient stuff from
ssh-agent, stopping ssh agent doesn't matter.
2) Detecting an already running one.
Yep, I missed that.
test -n "$SSH_AGENT_PID" && kill -0 $SSH_AGENT_PID && echo "already running"
Anything else I need to cover? You want me to start maintaining a patch?
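The two points raised in this thread (only wrap the session when no agent is already running, and let ssh-agent exit together with the command it wraps) can be combined as below. This is an added example, not the attached patch and not Red Hat's xinitrc; the names `SSH_AGENT_BIN`, `agent_running` and `agent_prefix` are assumptions, and the extra `SSH_AUTH_SOCK` check goes beyond the `kill -0` test quoted above.

```shell
#!/bin/sh
# Added example (hypothetical helper names); not code from the bug's attachment.
# Path to the agent binary; overridable so the logic can be tested.
SSH_AGENT_BIN=${SSH_AGENT_BIN:-/usr/bin/ssh-agent}

# Return 0 only if the inherited environment points at a usable agent,
# e.g. one started earlier from ~/.bash_profile.
agent_running() {
    [ -n "${SSH_AGENT_PID:-}" ] || return 1
    # Reject anything that is not a plain decimal PID before handing it to kill.
    case $SSH_AGENT_PID in
        *[!0-9]*) return 1 ;;
    esac
    # A stale PID with no socket is useless; require the socket as well.
    [ -n "${SSH_AUTH_SOCK:-}" ] && [ -S "$SSH_AUTH_SOCK" ] || return 1
    # kill -0 sends no signal; it only checks that the process exists
    # and that we are allowed to signal it.
    kill -0 "$SSH_AGENT_PID" 2>/dev/null
}

# Print the prefix for the session's exec line:
#   empty  -> reuse the inherited agent, or ssh-agent is not installed
#   a path -> wrap the session so the agent exits when the session does
agent_prefix() {
    if agent_running; then
        return 0
    fi
    if [ -x "$SSH_AGENT_BIN" ]; then
        printf '%s\n' "$SSH_AGENT_BIN"
    fi
    return 0
}

# Intended use at the end of an xinitrc-style script (left as a comment
# so that sourcing this file starts nothing):
#   exec $(agent_prefix) "$HOME/.Xclients"
```

Because `kill -0` only proves that some process with that PID exists, a reused PID can still pass; the socket test narrows that window but does not close it.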