Recently I was fiddling with ssh, ssh-agent and such. I created login.mine and logout.mine in ~/Library/init/tcsh/ to start and set up ssh-agent. I did it wrong so I removed them again. Now my problem, ssh-agent continues to start up EVERY time i open a Terminal window.... Needless to say, this annoys me VERY much, especially if I have just opened and closed 6-23 Terminal windows for various tasks...

Please help...

from the ssh-agent man pages:

...

-k Kill the current agent (given by the SSH_AGENT_PID environment
variable).
...


sounds like you have the ssh-agent daemon running watching for logins ?


--
if it bleeds, we can kill it.

In the beginning I set up the login.mine file like this:
eval `ssh-agent`; ssh-add ~/.ssh/id_rsa; ssh-add ~/.ssh/id_dsa;

and my logout.mine:
kill $ssh_agent_pid (when eval `ssh-agent` is run this is set as a environment variable.

This didn't work, so I deleted these files and made aliases to do my dirtywork..

But ssh-agent still starts up everytime I open a new shell, I have to kill it in everyshell I open, which is REALLY annoying...

P.S. the reason why my login/logout combo didn't work was that the commands that ssh-agent uses at startup weren't available...

God I love google. I was going to say sometimes, but I won't bother. Unconditional love. Endless love (and if anyone's expecting an "Obmusic: Diana Ross and Lionel Ritchie" aside they'd better think again!). This thread made me remember how much of a pain it used to be managing ssh-agents. The core difficulty relates to the fact that terminal windows don't "spawn" from each other. Instead, as a couple of other threads on these boards have noticed (cf "mesg y" problems) each one is pretty much a separate login. Have I mentioned that I don't love Terminal.app? Yep, I thought so.

Anyway, I'm raving again, but will try and get to the point. There's a wonderful yet strangely shy login helper called "SSHAgentServices for Mac OS X" that alleviates pretty much all the pain. Yep, it runs like a .login item would on another unix platform: that is, all your terminal windows have access to the single ssh-agent it enables. What this means is you only need add an identity in one window to have it available in all others. Hooray for Kevin van Vechten!

The link, the link...


http://cory.eecs.berkeley.edu/~kevinvv/SSHAgentServices

With this installed you simply log in as normal, open a terminal window, and enter

% ssh-add

to add your default identity to the ssh-agent (assuming that you've made one for yourself). And give your passphrase once. You're now on your way until you either log out or kill the ssh-agent or (more likely) remove the identities via ssh-add -d (to "subtract" the default identity) or ssh-add -D (to "subtract" the lot). The latter couple are particularly handy if you work in an "open" environment, and don't happen to trust your colleagues all that much!

I hope that's helpful for someone. I'd quite forgotten what a royal pain it used to be remembering which terminal windows were agent-enabled and which weren't.

[[Hmm, just reread my first paragraph: so what's this got to do with google? Well I hadn't bookmarked the link above, and couldn't find the reference to the existence of the plugin in any of my mailboxes. So I went to my ~/src directory (in which lies the vast majority of .tar.gz/.tgz files I've downloaded), saw the name of the item, and just fed it to the monster.
Bang, bang, bang. Out pop the links. Forget local information storage mechanisms for this kind of thing, it's far slower than searching online.]]

Cheers,
Paul

Thanks, that solves the problem that spawned my current problem.

the next time i visit google and it's all sticky, i'll know why.

curious...

from Kevin V's ssh-add page:

> Note: It appears that the Finder does not pass environment variables to
> launched applications. Therefore applications needing to use the ssh-agent > should be launched from the Dock.

could someone give me an example of an app needing ssh-agent? and does this presume that the dock does have env variables, or just invokes a 'login' type behavior when launching that ssh-agent sees? i so confused.

curiouser... after installing K.V.'s login plugin, my email app asked for keychain authentication. what other apps might do this? and is it just the first instance of an app that needs auth that will trigger this?

i guess i got some learnin' to do, but i'm afraid of the paul-google spawn.

(obSong: Asylum Street Spankers: If I Were You)

http://www.bored.com/nosepilot/real.html - select 'anglais'

ObPhilosopher: Plato! (I'm talking about love and you're making it sound like I'm lustin' for a thrustin').

An app needing ssh-agent? Err, how about Terminal.app? That's the archetypal recipient of the functionality offered by Kevin's login app.

As for your email app: are you sure that's not just a function of having to log out and log back in again? After all, I'd guess it's trying to access your keychained email password. (That is: don't you always have to unlock the keychain after such an event: and if not, why not (damn it!)?) I don't think that the agent would invoke such behaviour by itself, but am prepared to be disabused of this belief.

The message from the ssh-add page that your referred to is probably intended to underline the slightly sad fact that the agent won't be visible to, say, xterm instances launched from within XDarwin (or whatever layer you've got over XDarwin: OroborOSX in my case).

ObMusic: The Divine Comedy, A Short Album About Love [[AARGH: the forum has a stupid bloody obscenity checker. Suffice to say that the starred word starts with 's', and ends with 'hit'.]]

"...
And if I were you
I wouldn't let
The **** you get
From me get the better of you

...If I were you
..."

Cheers,
Paul

Oh...my sweet Lord... guys

if "I were you"... I would remember that

all things must pass...

http://www.allthingsmustpass.com/index.html

(remembering George)

Cheers...

Originally posted by pmccann
ObPhilosopher:
As for your email app: are you sure that's not just a function of having to log out and log back in again? After all, I'd guess it's trying to access your keychained email password. (That is: don't you always have to unlock the keychain after such an event: and if not, why not (damn it!)?)

yes, i'm sure.

no, and that's what's odd. i don't get keychained consistantly. why not, damn it?!

[obSong: Conscience I'm Guilty, Jimmie Heap & The Melody Masters]

Okay...

Btw, any thoughts on my Terminal problem? Like files that I could look into to see if there is something I have done wrong? (I thought I had only modified the login.mine and logout.mine files that I created but...) :)

Can you remember, if you modified another file after you created login.mine and logout.mine, did you touched somethings else?

Cheers...

The only files I have ever modified concerning the Terminal are teh ones residing in ~/Library/init/tcsh/ and the ~/. files (.cshrc to be exact). This thing is driving me nuts...

Does it happen if you simply enter "tcsh" in a currently open window? That eliminates a batch of the potential troublespots. You might try trawling through anything with csh or log in the filename in your home directory and see if it produces any likely candidates.

% find . \( -name \*log\* -user username -type f \) -exec grep -H "ssh-add" {} \;

and the same with csh instead of log. (Obviously change the word "username" unless that just happens to be your username.) These are way overkill, and will take half a minute of so to run. (They're also somewhat silly in this context, but I have to write them down somewhere having taken the time to get them pretty much right! They'll work fine, but there's really very few files that we need to be searching, so going through the lot is somewhat suboptimal!). Can't harm to run them in any case.

More helpfully, there's a really full list of all the candidate files in the "Best way to set environment?" thread. If the two commands above fail there's not that many left: the central files (in /usr/share/init/tcsh) are one possibility. Just try something like

% grep -H "ssh-add" /usr/share/init/tcsh/*

to rule out having changed those.

The only other place should be the files in ~/Library/init/tcsh/, so

% grep -H "ssh-add" ~/Library/init/tcsh/*

should flush the little beggar out if it's hiding in there.

Best of luck,
Paul

I went through all those searches and came up with my aliases and nothing else...

I tried commenting my aliases out and that worked.. ???? Why???

Here they are:
##alias az.ssha "eval `ssh-agent`; ssh-add ~/.ssh/id_rsa; ssh-add ~/.ssh/id_dsa;"
##alias az.sshk 'kill -9 $SSH_AGENT_PID'

Why does something in my alias file launch ssh-agent??

Plus: Every time I exit a shell now, it complains about SSH_AGENT_PID being a undefined variable, what the fart is going on??

because double quotes allow command interpolation. your alias name was being set AND the alias value "command" was being executed.

if you had

alias foo 'bar'

with single ticks, command interpolation would be off.

i think.

did you put something in your .logout or logout.mine to execute your kill ssh alias ?

try that find again just looking for "ssh" and that should find all occurances of your issue. i think.

--
don't drink and drive OSX