ssh-agent startx [args...]
~/.xsession(except on Suns where they never left the past and still use the ancient filename
~/.xinitrc). ssh-agent can be incorporated in the startup by doing something like this:
mv -i ~/.xsession ~/.xsession.script cat > ~/.xsession #! /bin/sh /path/to/your/ssh-agent $HOME/.xsession.script ^D chmod +x .xsessionHenceforth xdm will run ssh-agent which will run the X session script. The agent will terminate when the session terminates.
~/.xsession. Note that this makes use of my fsa script in a fashion that supports logins through the login widget of the gnome display manager as well as text-based logins on virtual consoles that are not running the X server.
#! /bin/bash # see if there is already an agent, else start one eval `fsa -f sla` if [ -e "$HOME/.Xclients-$HOSTNAME$DISPLAY" ]; then exec $HOME/.Xclients-$HOSTNAME$DISPLAY else exec $HOME/.Xclients-default fi
~/.xsession. Things are more complicated if you are running more than one X server (presumably of different bit depths) on different virtual consoles. I have a solution for this which makes use of my fsa script.
Conceptually, the setup for CDE is similar to the above example for xdm. It was not fun, however, and with no apology I leave this as an excercise for the reader.
eval `ssh-agent`into their
~/.profile(or some other login startup file).
Users of C-like shells can place
eval `ssh-agent -c`into their
~/.login(or some other login startup file).
Note that if the agent is started in this fashion it will
background itself and persist until explicitly killed.
Killing it might be a suitable thing to do in a
~/.logout (or some other logout procedure).
Also note that if this is a rlogin or telnet session then the passphrase for authorizing ssh-agent to hold the key will be transmitted in the clear over the net. It makes more sense to be using ssh-agent and ssh on the machine from which such sessions originate.
Ideally the entire set of steps of key generation as well as the running of the equivalent of ssh-agent would be done on the PC or Mac. That way the private key would be made available to the command line session on the Unix host whence the CVS access will actually occur. Whether or not this is possible remains to be investigated. Volunteers?