On Wed, Dec 30, 2009 at 08:07:07AM +0000, keithjamieson@hotmail.co.uk wrote:
Date: Mon, 28 Dec 2009 17:18:21 +0000 From: cl@isbd.net To: main@lists.alug.org.uk Subject: Re: [ALUG] FW: Some success with seahorse and gnome-keyring-daemon at last
On Sun, Dec 20, 2009 at 09:42:30AM +0000, keithjamieson@hotmail.co.uk wrote:
oops ... can't use email though :)
From: keith To: cl@isbd.net Subject: RE: [ALUG] Some success with seahorse and gnome-keyring-daemon at last Date: Sun, 20 Dec 2009 09:41:32 +0000
Date: Fri, 18 Dec 2009 17:41:06 +0000 From: cl@isbd.net To: main@lists.alug.org.uk Subject: [ALUG] Some success with seahorse and gnome-keyring-daemon at last
Now I'm off to those external systems to make them a bit more secure as regards logging into the home system. It's a pity there aren't any 'hooks' in ssh-agent and login that would allow you to do the same for direct ssh logins as happens with Gnome/KDE, then you could do the same sort of thing and enter only one password for connecting onwards.
Or do you mean passwordless SSH logins? Yes you can. One method is here... http://www.linuxconfig.org/Passwordless_ssh .. but you need to make sure ssh-agent is running to add the keys to the remote system.
As I keep saying (to myself apparently) ssh-agent *doesn't* provide passwordless (as in no user interaction) logins. It just allows you to enter a passphrase once per session. It is entirely useless for unattended backups etc. (unless you leave yourself logged into a system permanently which rather makes the whole idea pointless).
I'll have to tell my systems at work that they should not work then! Sorry Chris but they seem to have been working for years, maybe it's 'cos I used the same login password as the passphrase??? Maybe 'cos it's Solaris. Maybe 'cos I read the instructions. Maybe 'cos I sacrifice goats to the full moon.
Yes, it works when you're there and logged into the system because you've provided ssh-agent (or gnome-keyring-daemon) with the key phrase.
For unattended operation, as I keep saying, that's useless because you're not there and logged into the system.
Please stop telling people it cannot be done, just because *you* have not done it. I can agree to disagree, but some people take the info from these lists as gospel.
I suspect the problem is that you haven't realised what I mean by *unattended* operation. I want the backup to run at two in the morning (or whatever) when there's no one logged into the system and thus there's no way that ssh-agent (or anything similar) can have that passphrase.
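
The attended/unattended distinction in the last message can be checked from inside a job. This is an added example, not part of the thread, that reports whether the current process can reach an ssh-agent holding a loaded key. The function names `agent_state` and `unattended_ok` are hypothetical; the `ssh-add -l` exit codes (0, 1, 2) are the ones OpenSSH documents.

```shell
#!/bin/sh
# Added example, not from the thread. Function names are hypothetical.

# Print what the calling process can expect from ssh-agent:
#   no-agent      SSH_AUTH_SOCK is unset (the normal case for a cron job,
#                 which does not inherit a login session's environment)
#   stale-socket  SSH_AUTH_SOCK is set but no socket exists at that path
#   unreachable   a socket exists but ssh-add cannot talk to an agent
#   agent-empty   an agent is running but no key has been loaded into it
#   agent-ready   an agent is running and holds at least one key
agent_state() {
    if [ -z "${SSH_AUTH_SOCK:-}" ]; then
        echo "no-agent"
        return 0
    fi
    if [ ! -S "$SSH_AUTH_SOCK" ]; then
        echo "stale-socket"
        return 0
    fi
    # ssh-add -l exits 0 with keys listed, 1 with no identities,
    # 2 when it cannot contact the agent.
    rc=0
    ssh-add -l >/dev/null 2>&1 || rc=$?
    case "$rc" in
        0) echo "agent-ready" ;;
        1) echo "agent-empty" ;;
        *) echo "unreachable" ;;
    esac
}

# Succeed only when agent-backed key authentication can proceed
# with nobody at the keyboard to type a passphrase.
unattended_ok() {
    [ "$(agent_state)" = "agent-ready" ]
}

echo "agent state for this process: $(agent_state)"
```

Run from an interactive desktop session and again from a cron entry, the same script reports the difference the two posters are arguing about.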