FYI:
There is a potential security issue if you use both the CDE and JDS
desktops, and use the ssh-agent.
This is sort of the opposite of the agent disappearing:

Caution:
If you use the Sun Java Desktop System (JDS), do not set up the
ssh-agent command to run automatically. Because the killing of the
ssh-agent process is controlled by a CDE interface, when you exit the
JDS, the daemon continues to run.

For example, if you start the daemon in a CDE session, move to a JDS
session, and then log out, the daemon continues to run.

A running daemon uses system resources. Although no known issues are
associated with leaving the ssh-agent daemon running, the daemon
contains a password, which could create a security risk.

You can, of course, manually kill the ssh-agent process. But that
implies that you are logged in.

-- Sharon

> ----------------------------------------------------------------------
>
> Message: 1
> Date: Mon, 10 Sep 2007 09:43:47 -0400
> From: James Carlson <james.d.carlson at sun.com>
> Subject: [security-discuss] ssh-agent sometimes just disppears
> To: security-discuss at opensolaris.org
>
> I'm finding that ssh-agent (launched from my .login) just disappears
> from my system (Solaris Nevada build 71 on amd64) without apparent
> provocation.
>
> There are no core files generated (I have coreadm set up to put all
> core files in a central directory, and I have global setid dumps
> enabled).  There are no log messages generated.
>
> It just plain disappears.  The only way I notice it is that subsequent
> invocations of ssh require me to enter my passphrase to unlock my
> local identity file.
>
> It's been doing this for a _long_ time, and through many upgrades, and
> I guess I've just been hoping the problem would go away with some bug
> fix.  It hasn't.
>
> It doesn't happen every time -- I can go through a whole work day
> without it exiting.  It *does* seem to be load-related.  (That is, if
> I do something that really stresses the system, such as ::findleaks on
> a full kernel dump, then ssh-agent is more likely to depart.)
>
> <SNIP>
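
One way to spot the leftover agents described in the caution above, added here as an example and not part of the original message or of any Sun tooling: list ssh-agent processes whose owner has no login session. The function name `stale_agents`, the `@@PS@@` separator and the sample process and session lines are all constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original thread).
# stale_agents PS_TEXT WHO_TEXT
#   PS_TEXT : lines of "USER PID COMMAND", e.g. from
#             ps -e -o user= -o pid= -o comm=
#   WHO_TEXT: lines whose first field is a logged-in user, e.g. from who
# Prints "USER PID" for every ssh-agent whose owner has no login session.
# This is a heuristic: an agent started from a batch job also matches, and
# a stale agent is masked while its owner is logged in somewhere else.
stale_agents() {
    { printf '%s\n' "$2"; echo '@@PS@@'; printf '%s\n' "$1"; } |
    awk '
        $0 == "@@PS@@" { in_ps = 1; next }            # switch to the ps section
        !in_ps { if (NF) active[$1] = 1; next }       # remember logged-in users
        NF >= 3 {
            n = split($3, parts, "/")                 # comm may be a full path
            if (parts[n] == "ssh-agent" && !($1 in active))
                print $1, $2
        }'
}

# Constructed sample data: bob and dave have logged out, their agents remain.
SAMPLE_PS='alice 1201 /usr/bin/ssh-agent
alice 1300 bash
bob 2417 ssh-agent
carol 3055 /usr/bin/ssh-agent
carol 3060 ssh-agent-helper
dave 4100 /usr/bin/ssh-agent'

SAMPLE_WHO='alice pts/1 Sep 10 09:12
carol console Sep 10 08:40'

stale_agents "$SAMPLE_PS" "$SAMPLE_WHO"

# On a live system (run with enough privilege to see all processes):
#   stale_agents "$(ps -e -o user= -o pid= -o comm=)" "$(who)"
```

Each reported PID is a candidate for review and, once confirmed as abandoned, for `kill`.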
