how to make it so much easier AND SECURE :)
Authored by: fredcondo on Jan 25, '03 05:29:42PM

The method above is great, except that it probably creates the socket with 755 permissions. The pipe should be readable only by you. I use this script to implement your suggestion. I know it seems a little fancy; I got the basic idea from a hint somewhere, and was already using the script. When I made the path of the socket file invariant, I also added the three umask commands to protect the socket from prying eyes.

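#!/bin/sh -
# Checks for a running ssh-agent and starts one if none is running.

SSH_ENV="$HOME/.ssh/environment.setup"
PIPE=some_made_up_string

# POSIX function syntax: the "function" keyword is not understood by every /bin/sh.
start_agent() {
    printf 'Initializing new ssh-agent ... '
    touch "$SSH_ENV"
    # ssh-agent prints the SSH_AUTH_SOCK and SSH_AGENT_PID settings; save them.
    ssh-agent -a "/tmp/$PIPE" > "$SSH_ENV"
    . "$SSH_ENV" > /dev/null

    ssh-add "$HOME/.ssh/id_rsa" "$HOME/.ssh/id_dsa" && \
        ssh-add -l
}

# Everything created below (environment file, socket) is owner-only.
OUMASK=`umask`
umask 077
if [ -f "$SSH_ENV" ]; then
    . "$SSH_ENV" > /dev/null
    # Is the agent recorded in the environment file still running?
    ps ${SSH_AGENT_PID} | grep "ssh-agent" > /dev/null 2>&1

    if [ $? -ne 0 ]; then
        start_agent
    fi
else
    start_agent
fi
# Restore the caller's umask.
umask $OUMASK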



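Added example, not part of fredcondo's comment: a POSIX sh check that the files the script creates (the agent socket and the environment file) are owned by the current user and grant nothing to group or other. The function names, return codes and output format are made up for this example.

```shell
#!/bin/sh
# Added example: audit the owner and mode of the ssh-agent socket and the
# environment file. Names and output format are hypothetical.

# is_private PATH
#   returns 0 if PATH is owned by the current user with no group/other bits,
#           1 if it is exposed, 2 if it does not exist or cannot be listed.
is_private() {
    # ls -ldn prints the mode string and the numeric owner uid on both
    # BSD/macOS and GNU systems.
    listing=$(ls -ldn "$1" 2>/dev/null) || return 2
    read -r mode _links owner _rest <<EOF
$listing
EOF
    [ "$owner" = "$(id -u)" ] || return 1
    case $mode in
        # type + rwx for owner, then six dashes; a trailing @, + or .
        # (xattr/ACL/SELinux marker) is allowed.
        ????------*) return 0 ;;
        *)           return 1 ;;
    esac
}

# audit_agent_files PATH...
#   prints one line per path and returns non-zero if any is exposed/missing.
audit_agent_files() {
    rc=0
    for f in "$@"; do
        st=0
        is_private "$f" || st=$?
        case $st in
            0) echo "ok       $f" ;;
            2) echo "missing  $f"; rc=1 ;;
            *) echo "EXPOSED  $f"; rc=1 ;;
        esac
    done
    return $rc
}

# When run with arguments, audit them; with none, only define the functions.
[ $# -eq 0 ] || audit_agent_files "$@"
```

Pass it the two paths to check, for example `"$SSH_AUTH_SOCK"` and `"$HOME/.ssh/environment.setup"`. Some older BSDs ignore the mode bits on a socket file, so keeping the socket inside a directory only you can enter is the more portable protection.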