dams's Journal http://use.perl.org/~dams/journal/ dams's use Perl Journal en-us use Perl; is Copyright 1998-2006, Chris Nandor. Stories, comments, journals, and other submissions posted on use Perl; are Copyright their respective owners. 2012-02-08T23:38:59+00:00 pudge pudge@perl.org Technology hourly 1 1970-01-01T00:00+00:00 dams's Journal http://use.perl.org/images/topics/useperl.gif http://use.perl.org/~dams/journal/ keychain http://use.perl.org/~dams/journal/35747?from=rss <p>On our way back from FOSDEM, I had a quick discussion about ssh with Chris, and it motivated me to clean up all my ssh keys, passphrases, agents.</p><p>So now I use different keys for work and home, and ssh keychain on both.</p><p>Next move is to add my work identity to my home session to be able to connect directly to servers at work without having to go through my workstation at work. Without putting my home private id on my machine at work, nor copying my home public id on all servers at work. It should be possible I've heard<nobr> <wbr></nobr>:)</p><p>Anyway, here is briefly how I did it : <code>ssh-keygen</code> (dsa as main key). Then install keychain (see <a href="http://www.gentoo.org/proj/en/keychain/">http://www.gentoo.org/proj/en/keychain/</a> and configure it a bit. I added the following script in<nobr> <wbr></nobr>/etc/profile.d/keychain.sh (gentoo host), and I plan to use <a href="http://www.sshkeychain.org/">http://www.sshkeychain.org/</a> on my mac.</p><p> <code> #!/bin/bash<br> # start keychain, with the private keys to be cached<br><nobr> <wbr></nobr>/usr/bin/keychain ~/.ssh/id_dsa<br> # then load the generated files<br> for i in ~/.keychain/*-sh*; do<br> echo "sourcing $i"<br> source $i<br> done<br> </code> </p><p>I know, I know, everybody is supposed to know everything about ssh, but I'm happy to admit that I learnt 2 or 3 things while setting up everything properly. Besides, how many of you have no passphrase on your ssh key ?<nobr> <wbr></nobr>:)</p> dams 2008-02-25T12:07:41+00:00 journal