Using a key
You must already know that you can use a key to connect to a machine with ssh.
First of all, let's remind it :
$ ssh-keygen # generate a key
$ ssh-copy-id me@myhost # copy the public part on myhost
$ ssh me@myhost # now we can connect
Using an agent
Alright, you know this, but you have to type your passphrase each time you connect. Hopefully, OpenSSH offers us another tool: the ssh-agent.
You know how:
$ ssh-add # add the key to the agentOk, now it's interesting, but you still have to remember to use ssh-add after each new session. And here comes new packages to automatically run an X version of ssh-add after each login. Under debian they are called ssh-askpass, ssh-askpass-fullscreen and ssh-askpass-gnome.
$ ssh me@myhost # no need to type the passphrase
Using the agent "again"
One last thing, you can always run multiple agents.
Here is a trick to give access to an ssh-key to script even with a non void passphrase.
$ #run this after each rebootThis is interactive an asks you the passphrase. Now any script calling
$ ssh-agent | head -n 2 > ~/ssh-info
$ source ~/ssh-info
$ ssh-add
$ source ~/ssh-infohas access to the secret key via the agent. Of course, it has to be run from the same user as the agent.
No comments:
Post a Comment