This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

RE: ssh-agent and /tmp/ssh-* removal at logout


I think keychain as a service would be nice.  I currently
use a modified version of ssh-agent as a service, and 
it works pretty well.  I just have to remember to replace
the ssh-agent with my patched version any time the
ssh package gets updated.

And, yes, I have offered a patch upstream as well as the 
other guy who gave me the idea/pointers to where to patch
the ssh-agent code.

The issue is that the output from ssh-agent (the part that 
outputs the PID and SOCK data is put out on stdout, which
is bufferred, and does not get flushed under cygwin.  The
patch is to place a fflush statement after the output so that
when you redirect stdout to your .ssh-agent file, something 
actually appears within the file.

On Wed, 23 Feb 2005 08:41:13 -0800, Karl M wrote:



>>From: Jim Kleckner
>>Subject: ssh-agent and /tmp/ssh-* removal at logout
>>Date: Wed, 23 Feb 2005 06:18:50 -0800
>>
>>ssh-agent leaves stale directories named /tmp/ssh-xxxx
>>that contain the named pipe for authentication.
>>These left over directories come about when you log out
>>or shut down the computer without stopping ssh-agent
>>either by running keychain to shut it down or sending it
>>a SIGHUP to exit and clean up.
>>
>>Could ssh-agent catch the shutdown message and thus
>>do the proper cleanup?  What would that entail?
>>
>>Jim
>>
>>I noticed that in Karl's script to start keychain:
>>  http://sourceware.org/ml/cygwin/2004-03/msg00167.html
>>that he removes any /tmp/ssh-* pre-existing and presumed
>>stale directories left over by dead ssh-agent processes
>>and this assumes that there is only one ssh-agent per machine.
>>Not as good as actually getting rid of the source of the
>>zombie directories.
>>
>Actually, it does not assume that there is only one ssh-agent process per 
>machine. I routinely use it with ssh-agents processes for multiple users. 
>The files for other users are protected so that they can not be deleted. 
>Thus, only the current user's tmp files are deleted.

>I'm in the process of doing some clean-up work and trying out keychain 
>2.5.1. I am also adding ${HOSTNAME}.cmd file creation for use with Windows 
>shell scripts. If there is interest, perhaps I should offer to maintain 
>keychain, with additional support for launching it from a service. Launching 
>keychain from a service allows the ssh-agent process to survive logout, so 
>you only type a passphrase once per reboot instead of once per login.

>Thanks,

>...Karl



>--
>Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
>Problem reports:       http://cygwin.com/problems.html
>Documentation:         http://cygwin.com/docs.html
>FAQ:                   http://cygwin.com/faq/





--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]