2.9p1 ssh-add/ssh-askpass first try fails

John Dunlap dunlap at apl.washington.edu
Fri May 11 03:13:00 EST 2001


OpenSSH Version 2.9p1 of "ssh-add $HOME/.ssh/id_rsa < /dev/null"
fails on the first try of using ssh-askpass before the window manager
starts.  The second try works.  The error message on the first try is
"Bad passphrase, try again".

This did not occur using OpenSSH-2.5.2p2.tar.gz.  I've tested this
on both RHL6.2 and RHL7.1, both with all RH rpm updates applied.
I installed gnome-ssh-askpass as /usr/local/libexec/ssh-askpass.

Replacing /usr/local/bin/ssh-add compiled from version 2.5.2p2 cures
the problem.

Each version of OpenSSH was compiled from the above *.tar.gz files
using:
./configure --with-pam --enable-gnome-askpass --with-tcp-wrappers
make

I'm using ssh-askpass before starting Gnome proper by putting the
following line at the top of my .xsession file which was copied from
/etc/X11/xinit/Xclients:

	[ -r $HOME/.ssh/id_rsa ] && ssh-add $HOME/.ssh/id_rsa < /dev/null

I changed /etc/X11/xdm/Xsession so ssh-agent runs as the root of
my session.  Here're the relevant lines:

	sshagent=
	[ -d $HOME/.ssh ] && sshagent=ssh-agent
	exec $sshagent gnome-session

I also note that, after logging in, executing the 2.9p1 version of
"ssh-add < /dev/null" works on the first try.

Regards,
John

-- 
John Dunlap                           University of Washington
Senior Electrical Engineer            Applied Physics Laboratory
dunlap at apl.washington.edu             1013 NE 40th Street
206-543-7207, 543-1300, FAX 543-6785  Seattle, WA   98105-6698



More information about the openssh-unix-dev mailing list