OpenSSH Version 2.9p1 of "ssh-add $HOME/.ssh/id_rsa < /dev/null" fails on the first try of using ssh-askpass before the window manager starts. The second try works. The error message on the first try is "Bad passphrase, try again". This did not occur using OpenSSH-2.5.2p2.tar.gz. I've tested this on both RHL6.2 and RHL7.1, both with all RH rpm updates applied. I installed gnome-ssh-askpass as /usr/local/libexec/ssh-askpass. Replacing /usr/local/bin/ssh-add compiled from version 2.5.2p2 cures the problem. Each version of OpenSSH was compiled from the above *.tar.gz files using: ./configure --with-pam --enable-gnome-askpass --with-tcp-wrappers make I'm using ssh-askpass before starting Gnome proper by putting the following line at the top of my .xsession file which was copied from /etc/X11/xinit/Xclients: [ -r $HOME/.ssh/id_rsa ] && ssh-add $HOME/.ssh/id_rsa < /dev/null I changed /etc/X11/xdm/Xsession so ssh-agent runs as the root of my session. Here're the relevant lines: sshagent [ -d $HOME/.ssh ] && sshagent=ssh-agent exec $sshagent gnome-session I also note that, after logging in, executing the 2.9p1 version of "ssh-add < /dev/null" works on the first try. Regards, John -- John Dunlap University of Washington Senior Electrical Engineer Applied Physics Laboratory dunlap at apl.washington.edu 1013 NE 40th Street 206-543-7207, 543-1300, FAX 543-6785 Seattle, WA 98105-6698
On Thu, 10 May 2001, John Dunlap wrote:> OpenSSH Version 2.9p1 of "ssh-add $HOME/.ssh/id_rsa < /dev/null" > fails on the first try of using ssh-askpass before the window manager > starts. The second try works. The error message on the first try is > "Bad passphrase, try again".Does this help? Index: readpass.c ==================================================================RCS file: /var/cvs/openssh/readpass.c,v retrieving revision 1.13 diff -u -r1.13 readpass.c --- readpass.c 2001/05/02 01:30:33 1.13 +++ readpass.c 2001/05/10 22:57:44 @@ -69,7 +69,7 @@ fatal("ssh_askpass: exec(%s): %s", askpass, strerror(errno)); } close(p[1]); - len = read(p[0], buf, sizeof buf); + len = atomicio(read, p[0], buf, sizeof buf); close(p[0]); while (waitpid(pid, &status, 0) < 0) if (errno != EINTR) -d -- | Damien Miller <djm at mindrot.org> \ ``E-mail attachments are the poor man's | http://www.mindrot.org / distributed filesystem'' - Dan Geer
> OpenSSH Version 2.9p1 of "ssh-add $HOME/.ssh/id_rsa < /dev/null" > fails on the first try of using ssh-askpass before the window manager > starts. The second try works. The error message on the first try is > "Bad passphrase, try again".Another symptom: one must type the pass phrase correctly on both the first and second try or the agent is not updated. -- John