On Thu, Aug 30, 2007 at 12:59:10 +0100, Richard Lyons wrote: > On Thu, Aug 30, 2007 at 01:00:44AM +0200, Florian Kulzer wrote:
[...] > > Ssh-agent is part of the openssh-client package. It should be started > > with every X session by the /etc/X11/Xsession.d/90x11-common_ssh-agent > > script. (See "ps -e | grep ssh-agent".) > > Oh yes, I see it is set up to start if available... > > > > However, ssh-agent needs a frontend to handle the interaction with the > > user when a passphrase for a private key has to be entered. This seems > > to be what you are missing. Install one of the packages that provide > > "ssh-askpass": > > I installed gtk-led-askpass and added a line "/usr/bin/gtk-led-askpass" in > ~/GNUstep/Library/WindowMaker/autostart, but this simply caused Xwindows > to open in a frozen state (waiting for my response on a non-visible > window, I assume since the ssh-agent process was running). This is > probably easy enough to resolve, but it will still require me to enter > the reasonably secure passphrase (read "excessively long") that I chose, > so perhaps I shall stay with method 1, the ssh tunnel, which works > easily enough. I realize now that I made a mistake in my earlier mail: At the start of the X session I run "ssh-add" and not gtk-led-askpass. It seems that this also works for windowmaker: http://www.windowmaker.info/faq.php?chapter=5#109 (I think you don't need the "eval `ssh-agent`" line since that part is already handled by /etc/X11/Xsession.d/90x11-common_ssh-agent.) > The only thing that would make it more convenient still would be if I > could see how to write scripts to open and close the tunnel. They would > need to check if it is already open first. When opening or closing the > tunnel the scripts would also set sendmail= apropriately. Then I could > map them to hotkeys in mutt. When I am attached to our home network, I > can send direct, but when I am on a laptop elsewhere or in Italy I need > to use the tunnelling. So the possibility of easy switching would be > useful. I never tried to set up something like that. I don't think you need port forwarding if you have the remote execution of msmtp working, no matter where you are. Just add your laptop's id_*.pub identities to ~/.ssh/authorized_keys on the vm. Of course, this requires that ssh works from wherever you are, but if ssh does not work than you cannot use port forwarding either. -- Regards, | http://users.icfo.es/Florian.Kulzer Florian | -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
