using ssh-add unattended on dubious files -- how can i avoid a hang?

Daniel Kahn Gillmor dkg-openssh.com at fifthhorseman.net
Thu Aug 21 09:46:22 EST 2008


On Wed 2008-08-20 18:27:59 -0400, Jim Knoble wrote:

> Have you tried running ssh-add via setsid(1)?

Thanks, Jim!  I didn't know about setsid, and it appears to be what
i'm looking for.

The only remaining irritation is that ssh-add returns a status code of
0 rather than the expected non-zero value from a failed attempted add
under setsid.

(it also emits the prompt on stderr, even when there is no terminal to
read from, which seems useless but not as difficult to work around as
the zero-valued return code)

In the example below, the number at the beginning of the shell prompt
is the return code of the process just completed (i hit ctrl+D (EOF)
after the first passphrase prompt, but all other interaction is
visible):

[0 dkg at squeak test]$ umask 077
[0 dkg at squeak test]$ rm -f x
[0 dkg at squeak test]$ touch x
[0 dkg at squeak test]$ ssh-add x </dev/null
Enter passphrase for x: 
[1 dkg at squeak test]$ setsid ssh-add x </dev/null
Enter passphrase for x: [0 dkg at squeak test]$ 

So ssh-add is emitting a different return code in the setsid situation
than the normal situation.  Is that what i should expect?

Regards,

        --dkg
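Added example, not part of the original message and not OpenSSH code: setsid(1) from util-linux forks when it is started as a process group leader (as from a job-control shell) and by default the parent exits 0 without waiting, so the status shown above is setsid's rather than ssh-add's. This Python sketch detaches the child with setsid(2) directly and waits for it, so the real status survives; the function names, the 10-second timeout and the `sh` stand-in commands are assumptions made for illustration.

```python
import os
import subprocess


def run_without_tty(argv, timeout=10):
    """Run argv in a new session (no controlling terminal) and return
    (exit_status, stderr_text). Raises subprocess.TimeoutExpired on a hang."""
    env = dict(os.environ)
    # With no terminal, ssh-add falls back to $SSH_ASKPASS when $DISPLAY is
    # set; drop both so no helper can pop up a prompt and block the job.
    env.pop("SSH_ASKPASS", None)
    env.pop("DISPLAY", None)
    proc = subprocess.run(
        argv,
        stdin=subprocess.DEVNULL,      # same effect as </dev/null
        stdout=subprocess.PIPE,
        stderr=subprocess.PIPE,        # the useless passphrase prompt lands here
        env=env,
        start_new_session=True,        # child calls setsid(2) before exec
        timeout=timeout,
    )
    # We are the direct parent and we waited, so this is the child's own
    # status, not that of an intermediate setsid(1) process.
    return proc.returncode, proc.stderr.decode(errors="replace")


def try_add_key(path):
    """True only if ssh-add itself exited 0 for this file."""
    try:
        status, _prompt = run_without_tty(["ssh-add", path])
    except (subprocess.TimeoutExpired, FileNotFoundError):
        return False
    return status == 0


if __name__ == "__main__":
    # Constructed stand-ins for ssh-add, so this runs without an agent.
    # 1) A command that prompts on stderr, hits EOF on stdin and fails.
    print(run_without_tty(
        ["sh", "-c", "printf 'Enter passphrase: ' >&2; read x || exit 1"]))
    # 2) /dev/tty cannot be opened in the new session: non-zero status.
    print(run_without_tty(["sh", "-c", "(: </dev/tty) 2>/dev/null"])[0])
```
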