Re: [X2Go-User] Global ssh-agent

Wed, 02 Dec 2015 21:49:20 -0800 

On 12/01/2015 12:34 AM, Dmitry Bely wrote:

Hi Orion,

On Thu, Nov 26, 2015 at 2:11 AM, Orion Poplawski <[email protected]> wrote:

On 11/24/2015 05:10 AM, Dmitry Bely wrote:

Hi,

I would like to use ssh-agent globally for X session (Debian/MATE if
it matters). X session starts it itself and when I login to X locally
it works as expected (SSH_AGENT_PID and SSH_AUTH_SOCK environment
variables are set correctly). But if I connect to the host via x2go,
strange things happen: in any terminal session SSH_AUTH_SOCK points to
non-existing path and SSH_AGENT_PID is not set at all. I tried to work
around this adding to ~/.bashrc:

if [ ! -S ~/.ssh/ssh_auth_sock ]; then
   eval `ssh-agent -s`
   ln -sf "$SSH_AUTH_SOCK" ~/.ssh/ssh_auth_sock
fi
export SSH_AUTH_SOCK=~/.ssh/ssh_auth_sock

This way SSH_AUTH_SOCK is correct but SSH_AGENT_PID is surprisingly
unset somethere. Any idea how to fix that?



I don't quite follow what you mean by "globally".  Are you using
desktop-sharing and connecting to an existing X session and want to use that
ssh-agent?


I need one ssh-agent per X session that all child processes can access.


In that case perhaps your x2go ssh connection is forwarding the
ssh-agent connection from the client machine and you need to disable the agent
forwarding.


Probably you are right. But how to disable it in QT4 x2goclient? If I add

Host *
ForwardAgent no

to ~/.ssh/config it affects a separate ssh session but not
x2goclient's one. And I failed to find any command line/GUI x2goclient
option that is related to ssh agent forwarding.
Hmm, it appears that the code never calls ssh_options_parse_config(), whether by intention or not I do not know. CCing the dev list to get their take on it. But the libssh docs indicate that it should be called: http://api.libssh.org/master/group__libssh__session.html#ga7a801b85800baa3f4e16f5b47db0a73d
And I can confirm that x2goclient does appear to forward the SSH_AGENT at least if using the ssh-agent for authentication to the remote server. 

--
Orion Poplawski
Technical Manager                     303-415-9701 x222
NWRA/CoRA Division                    FAX: 303-415-9702
3380 Mitchell Lane                  [email protected]
Boulder, CO 80301              http://www.cora.nwra.com
_______________________________________________
x2go-user mailing list
[email protected]
http://lists.x2go.org/listinfo/x2go-user

Reply via email to