From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 15142 invoked by alias); 18 Jan 2013 07:26:19 -0000 Mailing-List: contact zsh-users-help@zsh.org; run by ezmlm Precedence: bulk X-No-Archive: yes List-Id: Zsh Users List List-Post: List-Help: X-Seq: 17580 Received: (qmail 12867 invoked from network); 18 Jan 2013 07:26:17 -0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on f.primenet.com.au X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.2 Received-SPF: none (ns1.primenet.com.au: domain at closedmail.com does not designate permitted sender hosts) From: Bart Schaefer Message-id: <130117232602.ZM23841@torch.brasslantern.com> Date: Thu, 17 Jan 2013 23:26:02 -0800 In-reply-to: <20130118061845.GC3024@lp-shahaf.local> Comments: In reply to Daniel Shahaf "Re: Backgrounding part of 'ssh-agent $cmd'" (Jan 18, 8:18am) References: <20130116065951.GA2992@lp-shahaf.local> <130116093514.ZM19656@torch.brasslantern.com> <20130118061845.GC3024@lp-shahaf.local> X-Mailer: OpenZMail Classic (0.9.2 24April2005) To: zsh-users@zsh.org Subject: Re: Backgrounding part of 'ssh-agent $cmd' MIME-version: 1.0 Content-type: text/plain; charset=us-ascii I'm glad my suggestion answered your question, but I don't think that I have solved your actual problem. Wandering a bit afield of zsh here ... On Jan 18, 8:18am, Daniel Shahaf wrote: } } Yes, and yes my distribution sets up a session-global ssh-agent } instance. Using a separate agent was a means to an end: not having the } ssh keys decrypted in memory whilst the laptop is hibernating. I'm not sure you've actually accomplished that. From what you've described, you're counting on the set of ssh created in foo_ssh_preseed to exit because the network connections time out while the laptop sleeps? That means "ssh-add -D" doesn't run until the laptop *wakes up again* and the "wait" in foo_ssh_preseed returns. The agent's memory state is dumped in the hibernate data with the keys still loaded. Boot from removable media and that data could be mined. Am I missing something? You would need Christian's suspend-hook idea to get "ssh-add -D" to run before the laptop hibernates. In which case you might as well use the session-global agent ...