 
| Subject: | |
| From: | |
| Reply To: | |
| Date: | Thu, 21 Apr 2005 09:24:54 -0500 |
| Content-Type: | text/plain |
| Parts/Attachments: |
|
|
This does appear to be a bug with xinitrc. For reference, the related
bug is described at the following address:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=134494
I've found an SRPM in the rawhide tree which seems to solve this
problem. I think the vendor was reluctant to commit it to the
enterprise 4 release because it has not been tested enough. You might
want to use it but that is your call and at your own risk. That said,
It works well for me so far, so I'll probably use it in my production
environment.
The source came from:
http://download.fedora.redhat.com/pub/fedora/linux/core/development/SRPMS/xinitrc-4.0.18-1.src.rpm
I recompiled it myself and placed the rpm at:
http://www.math.ku.edu/os/rhel4_addons/xinitrc-4.0.18-1.noarch.rpm
Brett Viren wrote:
> Gerald Teschl <[log in to unmask]> writes:
>
>
>>most of our boxes are used by visitors. For ever visitor logging in
>>and out I have about 1-2 ssh-agent processes which keep runnding plus
>>a number of gnome processes (gconf, bonobo, evolution, ...)
>
>
> Can't speak to the gnome stuff but the othere is most likely due to
> improper ssh-agent usage (user error). There are two solutions:
>
> - Encourage the users to kill the agent in their .logout (tcsh) or
> .bash_logout (bash) scripts.
>
> - Encourage the users to not start the agent in .login/.profile but
> rather start/stop it in .xinitrc (or .Xsession if using [XGK]DM).
>
> Here is a chunk from our experiment's docs that give the details:
>
> Get an ssh-agent to run in your interactive sessions
> There are a number of ways to make your use of SSH keys easier. With out them you will have to type in your pass phrase every time you access the repository. It will quickly become obvious that it is worth the effort to set up one of these two methods:
>
> * Create a per-shell agent:
> To get an ssh-agent running in your interactive sessions put this in your shell setup file:
>
> # For tcsh this goes in $HOME/.login
> if ( ! $?SSH_AUTH_SOCK ) then
> eval `ssh-agent -c`
> ssh-add
> endif
>
> # For bash this goes in HOME/.bash_profile (or similar)
> # $HOME/.profile
> if [ -z "$SSH_AUTH_SOCK" ] ; then
> eval `ssh-agent -s`
> ssh-add
> fi
>
> This will start the ssh-agent.
>
> To kill the ssh-agent when you're done put this in your shells logout file ($HOME/.logout for tcsh, $HOME/.bash_logout for bash):
>
> ssh-agent -k
>
> * Create a per-X-session agent:
> An alternative to the above is to start and stop the ssh-agent with your X session. This is done by adding the following code into your .Xclients, .xinitrc or .xsession files.
>
>
> #!/bin/sh
> # (can use /bin/sh even if your interactive shell is tcsh)
>
> # Start the SSH agent which can hold your keys in memory
>
> eval `ssh-agent -s`
>
>
> # Call ssh-add to add some keys. Redirecting /dev/null should trigger
> # the use of a graphical password asker (ssh-askpass). See the man
> # page for ssh-add for more details. Instead of putting this here,
> # you can instead add this in your Desktop (eg, GNOME/KDE) session
> # startup area.
>
> ssh-add < /dev/null
>
>
> # Here add any other X initialization, like starting some X clients
> # or window manager or desktop. The below is an example for GNOME.
>
> gnome-session
>
>
>
> # when reaching here, the desktop/windowmanager has shutdown, so kill
> # off the agent. Doing the "eval" clears out the environment
> # variables created when the agent was first started.
>
> eval `ssh-agent -k`
>
>
> -------------
>
> -Brett.
--
Gregory Harris
Network Specialist
Department of Mathematics
The University of Kansas
[log in to unmask]
(785) 864-7311
|
|
|
