This is the mail archive of the
cygwin
mailing list for the Cygwin project.
RE: ssh-agent and /tmp/ssh-* removal at logout
- From: Mark Paulus <mark dot paulus at mci dot com>
- To: "cygwin at cygwin dot com" <cygwin at cygwin dot com>
- Date: Wed, 23 Feb 2005 09:55:17 -0700
- Subject: RE: ssh-agent and /tmp/ssh-* removal at logout
I think keychain as a service would be nice. I currently
use a modified version of ssh-agent as a service, and
it works pretty well. I just have to remember to replace
the ssh-agent with my patched version any time the
ssh package gets updated.
And, yes, I have offered a patch upstream as well as the
other guy who gave me the idea/pointers to where to patch
the ssh-agent code.
The issue is that the output from ssh-agent (the part that
outputs the PID and SOCK data is put out on stdout, which
is bufferred, and does not get flushed under cygwin. The
patch is to place a fflush statement after the output so that
when you redirect stdout to your .ssh-agent file, something
actually appears within the file.
On Wed, 23 Feb 2005 08:41:13 -0800, Karl M wrote:
>>From: Jim Kleckner
>>Subject: ssh-agent and /tmp/ssh-* removal at logout
>>Date: Wed, 23 Feb 2005 06:18:50 -0800
>>
>>ssh-agent leaves stale directories named /tmp/ssh-xxxx
>>that contain the named pipe for authentication.
>>These left over directories come about when you log out
>>or shut down the computer without stopping ssh-agent
>>either by running keychain to shut it down or sending it
>>a SIGHUP to exit and clean up.
>>
>>Could ssh-agent catch the shutdown message and thus
>>do the proper cleanup? What would that entail?
>>
>>Jim
>>
>>I noticed that in Karl's script to start keychain:
>> http://sourceware.org/ml/cygwin/2004-03/msg00167.html
>>that he removes any /tmp/ssh-* pre-existing and presumed
>>stale directories left over by dead ssh-agent processes
>>and this assumes that there is only one ssh-agent per machine.
>>Not as good as actually getting rid of the source of the
>>zombie directories.
>>
>Actually, it does not assume that there is only one ssh-agent process per
>machine. I routinely use it with ssh-agents processes for multiple users.
>The files for other users are protected so that they can not be deleted.
>Thus, only the current user's tmp files are deleted.
>I'm in the process of doing some clean-up work and trying out keychain
>2.5.1. I am also adding ${HOSTNAME}.cmd file creation for use with Windows
>shell scripts. If there is interest, perhaps I should offer to maintain
>keychain, with additional support for launching it from a service. Launching
>keychain from a service allows the ssh-agent process to survive logout, so
>you only type a passphrase once per reboot instead of once per login.
>Thanks,
>...Karl
>--
>Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
>Problem reports: http://cygwin.com/problems.html
>Documentation: http://cygwin.com/docs.html
>FAQ: http://cygwin.com/faq/
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/