Date: Tue, 11 Sep 2001 11:19:54 +0200 (CEST) From: Martti Kuparinen <martti.kuparinen@iki.fi> To: FreeBSD-gnats-submit@freebsd.org Subject: ports/30506: keychain fixes Message-ID: <200109110919.f8B9Js412973@dhcp118.verkstad.net>
next in thread | raw e-mail | index | archive | help
>Number: 30506 >Category: ports >Synopsis: keychain fixes >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Tue Sep 11 02:20:00 PDT 2001 >Closed-Date: >Last-Modified: >Originator: Martti Kuparinen >Release: FreeBSD 4.4-RC i386 >Organization: >Environment: System: FreeBSD dhcp118 4.4-RC FreeBSD 4.4-RC #1: Fri Sep 7 14:14:04 CEST 2001 root@dhcp118:/usr/obj/usr/src/sys/KAYAK i386 >Description: Change the filename from .ssh-agent to .ssh-agent-`hostname` or people will have problems with NFS mounted home directories as the ssh-agent's pid doesn't match with the config file's idea of pid... >How-To-Repeat: >Fix: diff -ru /usr/ports/security/keychain/Makefile keychain/Makefile --- /usr/ports/security/keychain/Makefile Mon Sep 10 10:13:31 2001 +++ keychain/Makefile Tue Sep 11 11:14:18 2001 @@ -7,6 +7,7 @@ PORTNAME= keychain PORTVERSION= 1.2 +PORTREVISION= 1 CATEGORIES= security MASTER_SITES= http://www.ibiblio.org/gentoo/distfiles/ diff -ru /usr/ports/security/keychain/files/patch-keychain keychain/files/patch-keychain --- /usr/ports/security/keychain/files/patch-keychain Mon Sep 10 10:13:34 2001 +++ keychain/files/patch-keychain Tue Sep 11 11:12:13 2001 @@ -1,29 +1,79 @@ ---- keychain.orig Mon Sep 10 06:42:47 2001 -+++ keychain Mon Sep 10 08:54:24 2001 -@@ -59,7 +59,7 @@ +$NetBSD$ + +--- keychain.orig Mon Sep 10 04:42:47 2001 ++++ keychain Tue Sep 11 08:30:24 2001 +@@ -46,20 +47,20 @@ + + Keychain is an OpenSSH key manager, typically run from ~/.bash_profile. When + run, it will make sure ssh-agent is running; if not, it will start ssh-agent. +- It will redirect ssh-agent's output to ~/.ssh-agent, so that cron jobs that +- need to use ssh-agent keys can simply source this file and make the necessary +- passwordless ssh connections. In addition, when keychain runs, it will check +- with ssh-agent and make sure that the ssh RSA/DSA keys that you specified on +- the keychain command line have actually been added to ssh-agent. If not, you +- are prompted for the appropriate passphrases so that they can be added by +- keychain. ++ It will redirect ssh-agent's output to ~/.ssh-agent-\`hostname\`, so that cron ++ jobs that need to use ssh-agent keys can simply source this file and make the ++ necessary passwordless ssh connections. In addition, when keychain runs, it ++ will check with ssh-agent and make sure that the ssh RSA/DSA keys that you ++ specified on the keychain command line have actually been added to ssh-agent. ++ If not, you are prompted for the appropriate passphrases so that they can be ++ added by keychain. + + Typically, one uses keychain by adding the following to the top of their + ~/.bash_profile (or ~/.zshrc, in case of zsh): EOHELP echo -e " ${CYAN}keychain ~/.ssh/id_rsa ~/.ssh/id_dsa" -echo -e " source ~/.ssh-agent > /dev/null${OFF}" -+echo -e " . ~/.ssh-agent > /dev/null${OFF}" ++echo -e " . ~/.ssh-agent-\`hostname\` > /dev/null${OFF}" echo -e " # the > /dev/null eliminates the redundant agent PID output" echo cat <<EOHELP -@@ -109,7 +109,7 @@ - chmod 0600 ~/.ssh-agent +@@ -86,8 +87,9 @@ + echo + cat <<EOHELP + This option tells keychain do everything it normally does (ensure ssh-agent is +- running, set up the ~/.ssh-agent file) except that it will not prompt you to +- add any of the keys you specified if they haven't yet been added to ssh-agent. ++ running, set up the ~/.ssh-agent-\`hostname\` file) except that it will not ++ prompt you to add any of the keys you specified if they haven't yet been ++ added to ssh-agent. + + EOHELP + echo -e " ${GREEN}--stop${OFF}" +@@ -102,14 +104,14 @@ + fi + + +-if [ ! -f ~/.ssh-agent ] ++if [ ! -f ~/.ssh-agent-`hostname` ] + then +- echo -e " ${GREEN}*${OFF} Initializing ~/.ssh-agent file..." +- touch ~/.ssh-agent || ( echo "$0: Cannot create ~/.ssh-agent, exiting." 1>&2 && exit 1 ) +- chmod 0600 ~/.ssh-agent ++ echo -e " ${GREEN}*${OFF} Initializing ~/.ssh-agent-`hostname` file..." ++ touch ~/.ssh-agent-`hostname` || ( echo "$0: Cannot create ~/.ssh-agent-`hostname`, exiting." 1>&2 && exit 1 ) ++ chmod 0600 ~/.ssh-agent-`hostname` SSH_AGENT_PID="NULL" else - source ~/.ssh-agent > /dev/null -+ . ~/.ssh-agent > /dev/null ++ . ~/.ssh-agent-`hostname` > /dev/null fi match="no" -@@ -130,7 +130,7 @@ - chmod 0600 ~/.ssh-agent +@@ -127,10 +129,10 @@ + + if [ "$match" = "no" ] + then +- chmod 0600 ~/.ssh-agent ++ chmod 0600 ~/.ssh-agent-`hostname` echo -e " ${GREEN}*${OFF} starting new ssh-agent" - nohup ssh-agent > ~/.ssh-agent +- nohup ssh-agent > ~/.ssh-agent - source ~/.ssh-agent > /dev/null -+ . ~/.ssh-agent > /dev/null ++ nohup ssh-agent > ~/.ssh-agent-`hostname` ++ . ~/.ssh-agent-`hostname` > /dev/null fi if [ -n "`echo $* | grep '\-\-clear'`" ] >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200109110919.f8B9Js412973>