On Thu, 30 Mar 2017, Rich Shepard wrote: > On Thu, 30 Mar 2017, chris (fool) mccraw wrote: > >> I've had good luck making sure that my entire session runs under ssh-agent >> - before the days of ubiquitous desktop managers and login panels, I just >> ran 'ssh-agent startx'. Then one 'ssh-add' was good for the duration of my >> xwin session, including suspends. I think modern login panels/managers do >> this for you? I no longer ssh out of my linux machines very often so I >> haven't tried this in...years. > > Chris, > > Interesting. I boot into runlevel 3 on all hosts and manually startx (an > alias to start Xfce) unless I want to work on a console. I could add > ssh-agent to the starx alias, or just type it on the command line.
This, IMO, is the way to do this. Wrap your entire X session in ssh-agent. Even the Mac exports ssh-agent to all its terminals. > >> Other options if you don't trust your laptop is running 'ssh-agent screen' >> or 'ssh-agent tmux' on a remote "bastion" host that you enforce secure >> login to, and then you can reconnect to that session to Do The Thing, >> rather than carrying around a loaded gun, you just have one set up in a >> safe somewhere allready... > > I trust my laptop, but no one between it and the office network when I'm > away. Here in the office the connection is cat5 on the LAN. > > Thanks, > > Rich > _______________________________________________ > PLUG mailing list > [email protected] > http://lists.pdxlinux.org/mailman/listinfo/plug > -- Paul Heinlein <> [email protected] <> http://www.madboa.com/ _______________________________________________ PLUG mailing list [email protected] http://lists.pdxlinux.org/mailman/listinfo/plug
