search for: keychain

Hello, I'm a Mac OS X user, and I got tired of typing my password every time I want to login, but didn't want to use ssh-agent and the like. So, I grabbed the code for OpenSSH 3.7p1, and made some modifications which allow passwords to be stored and recalled from the OS X Keychain. The reason I'm posting to this list is that I'd like to make these modifications available to others, and I'm curious whether you would be interested in including them in OpenSSH; I know that this is pretty operating-system specific (as far as I know, keychain is unique to OS X),...

Sorry; here's the message I sent with the Keychain Patch yesterday. I didn't realize that the list wouldn't extract the text parts of the message. Enjoy. Hey all, Here's the patch to let SSH store passwords in the Mac OS X Keychain. I don't know whether you guys want to include it or not with the distribution; some people...

..., Will McDonald <wmcdonald at gmail.com> wrote: > Guys, I wonder if anyone can give me any pointers here, I hope it's > CentOS related enough not to be too off topic, if it is then > apologies. Thanks to Marc and Ingimar for their suggestions, I think we've cracked it. When Keychain runs it prompts the user for their private key password then stores the ssh-agent information away in ~/.keychain/$hostname-sh and ~/.keychain/$hostname-csh. For example... [root at webdev1 ~]# cat ~apache/.keychain/`hostname`-sh SSH_AUTH_SOCK=/tmp/ssh-yheGAI4188/agent.4188; export SSH_AUTH_SOCK;...

Is there a centos recommended repository for centos 7 where I can obtain the keychain package? TIA, Pete

On 11/17/2015 11:27 AM, PS = Pete Stieber wrote: PS>> Is there a centos recommended repository for PS>> centos 7 where I can obtain the keychain PS>> package? On 11/17/2015 8:19 PM, WJ = Wes James wrote: WJ> I can only see a version for centos 6: WJ> WJ> http://pkgs.repoforge.org/keychain/ WJ> WJ> You?ll need to download the src and see if WJ>you can build it. ?? Thanks Wes, I found old web sites that suggest usin...

hello centos.. I am having a very annoying problem on my network right now. it looks like every time I try to add my ssh key to keychain I have to issue a command just to get my ssh subsystem communicating with the ssh-agent: I have this line in my .bashrc file $(keychain --eval --quick --quiet private_key1 private_key2 private_key3) If I try to perform ssh-add I get the message: [bluethundr at VIRTCENT01:~]#ssh-add Could not op...

I think what Mr. Farr is referring to is keychain support. Keychain is provided as part of OS X. Apple published an API for it. An OS X compile would store and retrieve keys from Keychain in lieu/addition to the SSH Agent. Keychain is to OS-X what the ssh-agent is to ssh. This makes perfect sense, and I haven't been sufficiently peeved to...

> On Nov 17, 2015, at 11:27 AM, Pete Stieber <pstieber at gmail.com> wrote: > > Is there a centos recommended repository for centos 7 where I can obtain the keychain package? > > TIA, > Pete I can only see a version for centos 6: http://pkgs.repoforge.org/keychain/ <http://pkgs.repoforge.org/keychain/> You?ll need to download the src and see if you can build it. ?? -wes

Hey all, Here's the patch to let SSH store passwords in the Mac OS X Keychain. I don't know whether you guys want to include it or not with the distribution; some people have said that since Keychain is not an open source product, it's not proper to put it in, while others think it's OK. I'll leave it up to you; it's served its purpose to me. The p...

Sorry meant to attach my sshd_config file.. here it is! ---------- Forwarded message ---------- From: bluethundr <bluethundr at gmail.com> Date: Sat, Jan 15, 2011 at 11:22 AM Subject: keychain problem To: CentOS mailing list <centos at centos.org> hello centos.. I am having a very annoying problem on my network right now. it looks like every time I try to add my ssh key to keychain I have to issue a command just to get my ssh subsystem communicating with the ssh-agent: I have th...

Hi! In a project I'm working on, I needed a way to run rsync in daemon mode as a regular user without having the passwords readable to everybody accessing the console. With this chance rsync falls back to Apples keychain access if no secrets file is given. You need to put the passwords into the keychain like this (I do it programmatically bit it can be done manually as well): Servicename: rsyncd Account name: <modulename>-<username> Enjoy! It would be very cool to see this as an option for the Dar...

Keychain is quite a useful tool for automating SSH logins without having to use password-less keys: http://www.gentoo.org/proj/en/keychain/ Normally it is used like this to set the SSH_AUTH_SOC and SSH_AGENT_PID variables: source ~/.keychain/hostname-sh (This is what's in hostname-sh) SSH_AUTH_SOCK=/t...

...ntOS related enough not to be too off topic, if it is then apologies. I'm attempting to setup a CGI which can connect to a remote system and execute a command. On the 'client', for the Apache user 'apache' I've given it a shell and generated a key-pair. I've configured Keychain [ http://www.gentoo.org/proj/en/keychain/ ] to load the keys for the apache user and make these persistently available via ssh-agent. I've setup a specific user 'cgissh' on the remote target system and configured its authorized_keys with apache at client's pubkey. >From the cli...

...::Key::DSA;" gives no error and no output (as expected), but on the new machine, the same line gives: www:/var/www/html/circumventor# perl -e "use Net::SSH::Perl::Key::DSA;" Math::BigInt version 1.78 required--this is only version 1.77 at /usr/lib/perl5/vendor_perl/5.8.8/Crypt/DSA/KeyChain.pm line 4. BEGIN failed--compilation aborted at /usr/lib/perl5/vendor_perl/5.8.8/Crypt/DSA/KeyChain.pm line 4. Compilation failed in require at /usr/lib/perl5/vendor_perl/5.8.8/Crypt/DSA.pm line 7. BEGIN failed--compilation aborted at /usr/lib/perl5/vendor_perl/5.8.8/Crypt/DSA.pm line 7. Compila...

Hi. Apple have a bunch of patches to openssh that they have folded into the version that's shipped with MacOSX. Some of these are very convenient: like automagically starting an ssh-agent at login/boot time and the ability to have SSH passphrases stored and fetched from the Keychain. It would be nice if these could be considered for rolling in to a future release of openssh. FWIW the patches are at http://www.opensource.apple.com/darwinsource/10.5.6/OpenSSH-95.1.5/patches . As far as I'm aware they're open source and not encumbered by licensing nasties.

I can''t get past the setup step in Capistrano. I know the paths are correct and I''m using zsh locally (bash on remote), so the shell shouldn''t be a problem. It never asks for the SSH password, even. Any help you could give would be greatly appreciated. Thanks. Kenneth -- => the blog from beyond <= => www.eyeheartzombies.com <=

This sounded extremely interesting to me. one suggestion I would have is to use uuencoding first on encryption and uudecode on decryption to take care of the problem you mentioned "Of course RSA puts limits on the data that can be encrypted" that should take care of that. I was looking for a way of using ssh-agent to be used to allow certain applications to get passwords. Example: I

...developers and sysadmins copy unencrypted private SSH keys around to remote hosts, wehter or not they are willing to use ssh-agent, because it's simpler. There are some helpful stopgaps to unlock and store access to a shareable ssh-agent for unattended system operations, such as using the 'keychain' perl script to configure and access SSH keys for an 'rsnapshot' or similar rsync over SSH based access. But the normal procedure is to not bother, and simply use unencryped private SSH keys. This is, in fact, written into dozens of "chef" and "puppet" system manage...

The idea behind this change is to add support for different "ssh-agents" being able to run at the same time. It does not change the current behaviour of the ssh-agent (which will set SSH_AUTH_SOCK just for itself). Neither does it change the behaviour of SSH_AGENT_PID (which still supports only one pid). The new implementation will go through the list of sockets (which are separated by a

Hi, I've noticed some ssh behaviour that I wish didn't happen. I was wondering if someone can explain how I can stop it from happening, or explain why it's unavoidable. If I ssh-with-agent-forwarding from one host to a second host, and on the second host use something like nohup/screen/tmux/daemon, and from within that new process session, start a long-running command via