[vox-tech] ssh-agent question

Ryan Castellucci vox-tech@lists.lugod.org
Wed, 8 Oct 2003 12:47:56 -0700


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wednesday 08 October 2003 07:00 am, p@dirac.org wrote:
> hi all,
>
> i've heard it said if you use ssh-agent, your passphrase is cached so
> you can log in to a computer without your passphrase after the 1st
> login.
>
> i've used rsa authentication, but have never used ssh-agent.  so i've
> always had to enter my passphrase whenever logging in to a host.
>
> yesterday i created id_dsa.pub and started to play around.  here's what
> i found:
>
>
> 1. if the remote .ssh/authorized_keys2 only has the id_rsa.pub, i need
>    to enter my passphrase each time, since i haven't used ssh-agent yet=
=2E
>
> 2. if the remote .ssh/authorized_keys2 has both id_rsa.pub and
>    id_dsa.pub, it asks me for my id_rsa passphrase each time, since i
>    haven't used ssh-agent yet.
>
> 3. if the remote .ssh/authorized_keys2 only has id_dsa.pub, i only need
>    to enter my passphrase ONCE.  after that, my passphrase is presumabl=
y
>    cached and i no longer need to enter my passphrase to ssh into the
>    remote system.
>
>
> number 3 surprises me.  i've been trying to find references to dsa keys
> being automatically cached without usine ssh-agent, and i can't find
> any.
>
> are dsa keys automatically cached?

I don't think so..... Normaly you have to run ssh-add to cache your keys.=
=2E..

- --=20
PGP/GPG Fingerprint: 3B30 C6BE B1C6 9526 7A90  34E7 11DF 44F3 7217 7BC7
On pgp.mit.edu, import with `gpg --keyserver pgp.mit.edu --recv-key 72177=
BC7`
Also available at http://www.cal.net/~ryan/ryan_at_mother_dot_com.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/hGn4Ed9E83IXe8cRAiTQAJ4jKfANTujfr6TFpdNsO+nt9InK3ACeN3zB
pDvRLYLrKcdG3kcRm98Wpwc=3D
=3D6TyK
-----END PGP SIGNATURE-----