Thomas Borger <[EMAIL PROTECTED]> writes:
> Wie kann ich dieses Verhalten abstellen?!
Aus Deinen Login-Skripten den Aufruf von ssh-agent lÃschen? Oder
verwendest Du pam_ssh? Ich verwende folgendes Skript:
Jochen
#!/bin/sh
#-----------------------------------------------------------------------
# Starting ssh-agent when logging in
#-----------------------------------------------------------------------
# $Id: ssh-login,v 1.4 2002/08/06 17:57:54 jochen Exp jochen $
#-----------------------------------------------------------------------
# This works when you use a bourne shell compatible shell. Add the
# following sniplet into your .bashrc, .kshrc or .zshrc depending
# on your login shell. I've tested it with zsh.
#-----------------------------------------------------------------------
# if [ -f $HOME/scripts/ssh-login ]; then
# . $HOME/scripts/ssh-login
# fi
#-----------------------------------------------------------------------
#-----------------------------------------------------------------------
pidfile=$HOME/.ssh/agent.pid.`hostname`
identity=$HOME/.ssh/id_dsa
#-----------------------------------------------------------------------
#-----------------------------------------------------------------------
debug()
{
:
#echo "$*"
}
#-----------------------------------------------------------------------
is_ssh_agent()
{
debug "function is_ssh_agent entered"
# is SSH_AGENT_PID set and valid?
if [ -n "$1" ]
then
# Linux /proc style
if [ -f "/proc/$1/cmdline" ]
then
# backticks are more portable than $( / $)
# which don't work with Solaris /sbin/sh
cmdline=`cat /proc/$1/cmdline | tr -d '\000'`
# X in front of string comparisons to avoid
# [: argument expected
if [ ! X"ssh-agent" = X"$cmdline" ]
then
debug "PID $1 is no ssh-agent"
return 1
fi
# Solaris and AIX /proc style
elif [ -f "/proc/$1/psinfo" ]
then
cmdline=`strings /proc/$1/psinfo | head -1`
if [ ! X"ssh-agent" = X"$cmdline" ]
then
debug "PID $1 is no ssh-agent"
return 1
fi
# no /proc at all, e.g. HP-SUX
# after all, only ps is portable, and even that is a lie :-(
elif [ -z "`ps -e | grep \"^ *$1 \" | grep ssh-agent `" ]
then
debug "PID $1 is invalid"
return 1
fi
return 0
fi
return 1
}
maybe_save_pid()
{
debug "function maybe_save_pid entered"
debug "SSH_AGENT_PID is $SSH_AGENT_PID"
WORK_SSH_AGENT_PID=$SSH_AGENT_PID
WORK_SSH_AUTH_SOCK=$SSH_AUTH_SOCK
if [ -f $pidfile ]; then
. $pidfile > /dev/null
debug "saved SSH_AGENT_PID is $SSH_AGENT_PID"
else
unset SSH_AGENT_PID
unset SSH_AUTH_SOCK
fi
if [ ! x"$WORK_SSH_AGENT_PID" = x"$SSH_AGENT_PID" ]; then
debug "Saving new SSH_AGENT_PID $WORK_SSH_AGENT_PID"
echo "SSH_AGENT_PID=$WORK_SSH_AGENT_PID ; export SSH_AGENT_PID" > $pidfile
echo "SSH_AUTH_SOCK=$WORK_SSH_AUTH_SOCK ; export SSH_AUTH_SOCK" >> $pidfile
fi
}
ssh_login()
{
#-----------------------------------------------------------------------
# If we are logging in via ssh and have agent forwarding on
if [ ! -z "$SSH_CLIENT" -a ! -z "$SSH_AUTH_SOCK" ]; then
debug "SSH_CLIENT is set and agent forwarding on, no agent needed"
return
fi
#-----------------------------------------------------------------------
# Check old agent PID
if is_ssh_agent "$SSH_AGENT_PID"; then
maybe_save_pid
return
fi
#-----------------------------------------------------------------------
# Read PID-file when there is one
if [ -f $pidfile ]; then
debug "Reading PID-File Â${pidfile}Â"
. $pidfile > /dev/null
debug "Values are: SSH_AGENT_PID=$SSH_AGENT_PID, SSH_AUTH_SOCK=$SSH_AUTH_SOCK"
fi
# is the PID-file valid?
if is_ssh_agent "$SSH_AGENT_PID"; then
return
fi
debug "Starting ssh-agent, writing to $pidfile"
ssh-agent > $pidfile
. $pidfile > /dev/null
if tty -s; then
# Enter passphrase for your key
debug "adding keys to agent"
ssh-add $identity
fi
}
#-----------------------------------------------------------------------
case "$-" in
*C*) # noclobber is set
set +o noclobber
ssh_login
set -o noclobber
;;
*)
ssh_login
;;
esac
#-----------------------------------------------------------------------
--
#include <~/.signature>: permission denied
----------------------------------------------------------------------------
PUG - Penguin User Group Wiesbaden - http://www.pug.org
