Contributed by Dengue on from the www.ibm.com/developerworks dept.
"OpenSSH key management, Part 3
Take advantage of OpenSSH agent connection forwarding to enhance security, and see how popular keychain shell script has evolved. http://www-106.ibm.com/developerworks/linux/library/l-keyc3?Opent=grl,l=929,p=Kp3 "
(Comments are closed)
By Anonymous Coward () on http://www.slashdot.org
By Anonymous Coward () on
Running out of useful material? This article is bootylicious.
The article is very regurgitated, and the mere fact it spans for more than 7 months in a 3-part series is just mind numbing considering the articles are devoid of any unique usefulness ( ssh-agent has been around since forever.. at least 5 or 6 years ).
His keychain script is nothing more than a little front-end, which honestly I've never really seen the need for when dealing with ssh-agent, ssh-add, etc.
Also, why does he use this in a windowed environment? The best way to use ssh-agent with any Window Manager, since we're talking about saving time and not invoking multiple ssh-agent processes for each shell, is to run ssh-agent when you invoke the Window Manager. One ssh-add and all the Window Manager child processes are ready to go for password-less login.
I guess anyone can publish lame articles these days.
*shrug*
Comments
By nulld () on
you kind of missed the point.
Comments
By Gioffreus () on
so, i've come out ahead even though i do _not_ still use keychain. why don't i still use it? well, you can do the same thing with only ~10 lines in your ~/.{,z}profile instead of ~350 in keychain. also, keychain turns a relatively simple usage scenario into an overly complex one.
so in the end, i am of the opinion that keychain is good and useful to a point... mostly as a tool for learning.
By webmaster () dengue@deadly.org on file:/dev/null
By Gioffreus () on
> Also, why does he use this in a windowed
> environment? The best way to use ssh-agent
> with any Window Manager, since we're talking
> about saving time and not invoking multiple
> ssh-agent processes for each shell, is to run
> ssh-agent when you invoke the Window Manager.
> One ssh-add and all the Window Manager child
> processes are ready to go for password-less login.
perhaps you do not understand that only _ONE_ `ssh-agent' process is invoked here. also, one `ssh-add'...