[arch-general] Starting gpg-agent on X login (gdm)

Magnus Therning magnus at therning.org
Mon Apr 27 10:05:32 EDT 2009


2009/4/27 Frédéric Perrin <frederic.perrin at resel.fr>:
> Le Lundi 27 à 5:12, Shridhar Daithankar a écrit :
>> Hmm.. I use kde and there is nothing for ssh-agent in /etc. I think it
>> should go in shell startup so that even non-gui session have ssh-agent
>> too.
>
> I would agree with that. Having it enabled for everyone, I'm not sure.
> You should consider adding it to /etc/skel if you have several users and
> you want it to be pre-configured for every user you wall add.

AFAIU it has to go in both.  I need the agent running in X, my shell
startup isn't run when I log into X (at least not via GDM, I doubt
it's ever run).

>> #Start ssh-agent. Don't want to use agent from last session if it persits at
>> all.
>>
>>> Should I look into using seahorse instead of {ssh,gpg}-agent?
>>
>> and I got to find a KDE equivalent too. :)
>
> Choose a desktop agnostic one : keychain will automagically start
> {ssh,gpg}-agent or use one if it is available. I find it nice to log in
> into my desktop computer on the morning, unlock my SSH keys, and then
> when later I'm moving, I can log back to my desktop and from there use
> my SSH key to login to further machines. I guess it depends on your
> computing habits. And well, I you really want only one daemon, you can
> still tell keychain ot use gpg-agent's --enable-ssh-support (I never
> tried).
>
> Just add to your .${SHELL}login :
>
> keychain
> . ~/.keychain/chameau-sh
> . ~/.keychain/chameau-sh-gpg

Thanks for the pointer to keychain.  It's really only a replacement
for ssh-agent though, not for gpg-agent.  I've done some digging and
it seems the Gnome way of doing this is to have ssh-agent start
dbus-launch, which in turn starts seahorse, which then starts
gnome-session.  Somewhat complicated, then I have to look into
replacing ssh-agent by keychain :-)

I'll report back as soon as I have my modfied GDM script and shell
startup skeleton.

/M

-- 
Magnus Therning                        (OpenPGP: 0xAB4DFBA4)
magnus@therning.org          Jabber: magnus@therning.org
http://therning.org/magnus         identi.ca|twitter: magthe


More information about the arch-general mailing list