December 2009 Archives
12.07.2009 11:55
Managing SSH keys on the N900
The Nokia N900 is a great device for *nix systems admins. It features, among other things, native ports of both xterm and OpenSSH. Being a good sysadmin, the first thing I did was generate a new (encrypted) SSH key. The next was to discover that ssh-agent is not managed by the OS in a way that gives every process access to the $SSH_AUTH_SOCK variable. As I was not feeling quite adventurous enough to hack up the somewhat non-standard boot process / X startup, I needed to find a different way.
With a little trial and error I came up with a brief snippet of code to include in ~user/.profile that ensures I always have access to an ssh-agent and can share that agent between numerous xterm sessions.
This is what I did:
# cat ~user/.profile
# Start from a clean slate so a stale socket path is never inherited.
unset SSH_AUTH_SOCK
unset SSH_AGENT_PID
# Reuse the agent launched last time, if its details were cached.
if [[ -f ~/.ssh-agent ]]
then
    source ~/.ssh-agent > /dev/null
fi
# ssh-add -l exits 0 if keys are listed, 1 if the agent is reachable but
# holds no keys, and 2 if no agent can be contacted. Silence both streams.
ssh-add -l > /dev/null 2>&1
r=$?
if [[ $r == 2 ]]
then
    echo No agent.
    # Drop any orphaned agents, start a fresh one and cache its details.
    pkill ssh-agent
    ssh-agent -t 5400 > ~/.ssh-agent
    source ~/.ssh-agent > /dev/null
fi
What does it do?
First I check whether ~/.ssh-agent exists. If it does, it should contain the details of the last ssh-agent instance launched. Sourcing that file sets the environment variables that let ssh and ssh-add find the (possibly) running agent.
Next, I run ssh-add -l, which lists the loaded keys if an agent is running and has a key loaded. If ssh-add -l exits with 2, that means either no ssh-agent is running or we can't find it. In either case I then kill off any running instances of ssh-agent, launch a new one, and cache its details in ~/.ssh-agent.
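The "source ~/.ssh-agent" step executes whatever the cache file contains, so here is an added example (my code, not from the post) that reads the two variables ssh-agent writes without executing the file, refuses a group- or world-writable cache, and checks that the socket and agent process still exist before exporting anything. It assumes the plain "VAR=value; export VAR;" format that ssh-agent prints and a POSIX sh; the function names are mine.

```sh
# Parse the two variables ssh-agent writes to its cache file without
# executing the file (ssh-agent prints "VAR=value; export VAR;" lines).
# Prints "SOCK PID" on success, returns 1 on any failure.
parse_agent_file() {
    f=$1
    [ -f "$f" ] || return 1
    # Refuse a cache file that anyone but its owner could have edited:
    # columns 6 and 9 of "ls -l" output are the group and other write bits.
    case $(ls -ld "$f" | cut -c6,9) in
        --) ;;
        *) return 1 ;;
    esac
    sock=$(sed -n 's/^SSH_AUTH_SOCK=\([^;]*\);.*/\1/p' "$f" | head -n 1)
    pid=$(sed -n 's/^SSH_AGENT_PID=\([0-9]*\);.*/\1/p' "$f" | head -n 1)
    [ -n "$sock" ] && [ -n "$pid" ] || return 1
    printf '%s %s\n' "$sock" "$pid"
}

# True only if the cached socket still exists and its agent process lives.
agent_alive() {
    [ -S "$1" ] && kill -0 "$2" 2>/dev/null
}

# Drop-in replacement for the "source ~/.ssh-agent" step: exports the
# cached variables only after the checks above pass. Argument: cache file
# (defaults to ~/.ssh-agent, the path used in the .profile snippet).
use_cached_agent() {
    out=$(parse_agent_file "${1:-$HOME/.ssh-agent}") || return 1
    set -- $out
    agent_alive "$1" "$2" || return 1
    SSH_AUTH_SOCK=$1
    SSH_AGENT_PID=$2
    export SSH_AUTH_SOCK SSH_AGENT_PID
}
```

In .profile, "use_cached_agent || echo No agent." replaces the sourcing step; when it fails, the ssh-add exit-code check and the fresh ssh-agent launch proceed as before.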
Note the -t 5400 option on ssh-agent. That sets a default lifetime so that any key added to the agent is discarded after 90 minutes. I don't want to leave unencrypted ssh keys lying around in such an easily stolen package...