On Thursday, 23 November 2006 at 9:53:26 +0100, Stefan Thurner wrote: > Hi! > > I would like to activate ssh-agent automatically if I login > via ssh. > > My /etc/pam.d/sshd looks like: > > # auth > auth required pam_nologin.so no_warn > auth sufficient pam_opie.so no_warn no_fake_prompts > auth requisite pam_opieaccess.so no_warn allow_local > auth required pam_unix.so no_warn try_first_pass > auth optional pam_ssh.so no_warn try_first_pass > > # account > account required pam_login_access.so > account required pam_unix.so > > # session > session optional pam_ssh.so > session required pam_permit.so > > # password > password required pam_unix.so no_warn try_first_pass > > At ssh login I have to type in login password and password > for my ssh-key as expected but no ssh-agent is started. Any > ideas?
Hi Stefan. /etc/pam.d/sshd pam file is for sshd server not for ssh client. If you want to use ssh-agent whole the time your box is online you should start it right after login. In order to doing this add "session optional pam_ssh.so want_agent" line into session facility of /etc/pam.d/system file (it's included into /etc/pam.d/login so don't worry). If you prefer X terminals add this string to /etc/pam.d/kdm or gdm or xdm file. Don't forget to load you privat key with ssh-add command first time you use ssh. > > best regards > -Stefan > -- > Chemnitz University of Technology / Welding Engineering > Stefan Thurner > Phone / Fax: +49 371 531-32403 / -23729 > Email: [EMAIL PROTECTED] > _______________________________________________ > [email protected] mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "[EMAIL PROTECTED]" -- ====================================================================== - Best regards, Nikolay Pavlov. <<<----------------------------------- ====================================================================== _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
