Date: Fri, 18 Jan 2013 16:13:22 +0200
From: Daniel Shahaf
To: Bart Schaefer
Cc: zsh-users@zsh.org
Subject: Re: Backgrounding part of 'ssh-agent $cmd'

Bart Schaefer wrote on Thu, Jan 17, 2013 at 23:26:02 -0800:
> I'm glad my suggestion answered your question, but I don't think that I
> have solved your actual problem.  Wandering a bit afield of zsh here ...
>

The part that I find less than ideal so far is that, under load, the GUI
ssh-askpass dialog appears after foo_main has started.  It's a problem,
not because of the ordering (it's not a problem even to run
foo_ssh_preseed only after foo_main has started), but because my "enter
ssh pw, enter foo_main pw" muscle memory gets bypassed.

> On Jan 18,  8:18am, Daniel Shahaf wrote:
> }
> } Yes, and yes my distribution sets up a session-global ssh-agent
> } instance.  Using a separate agent was a means to an end: not having the
> } ssh keys decrypted in memory whilst the laptop is hibernating.
>
> I'm not sure you've actually accomplished that.  From what you've
> described, you're counting on the set of ssh created in foo_ssh_preseed
> to exit because the network connections time out while the laptop sleeps?
>

Indeed.

> That means "ssh-add -D" doesn't run until the laptop *wakes up again*
> and the "wait" in foo_ssh_preseed returns.  The agent's memory state
> is dumped in the hibernate data with the keys still loaded.  Boot from
> removable media and that data could be mined.  Am I missing something?
>

'ssh -MNf' daemonizes itself, so foo_ssh_preseed takes about 5 seconds
from start to finish.  The daemons open and keep open SSH TCP
connections, so that subsequent interactive 'ssh host1' commands don't
need to do the TCP handshake and SSH authentication handshake --- which
speeds them up.  This relies on ControlPath (and maybe
ServerAliveInterval) being set in ~/.ssh/config.

I'd tell you exactly how long foo_ssh_preseed takes, but time(1zsh)
doesn't work on functions:

    % zsh -fc 'time () { sleep 1 } '
    % zsh -fc 'f(){ sleep 1 } ; time f'

> You would need Christian's suspend-hook idea to get "ssh-add -D" to
> run before the laptop hibernates.  In which case you might as well
> use the session-global agent ...

Thanks,

Daniel
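
An added example, not part of the original message or of Daniel's actual setup: one way to wipe the agent as soon as the 'ssh -MNf' masters are up, so the agent holds no identities by the time the laptop hibernates. preseed_masters is a hypothetical stand-in for foo_ssh_preseed, the SSH and SSH_ADD override variables are assumptions added so the logic can be stubbed, and ControlPath is assumed to be set in ~/.ssh/config as the message describes.

```shell
#!/bin/sh
# Added example; preseed_masters is a hypothetical stand-in for the thread's
# foo_ssh_preseed. SSH and SSH_ADD are overridable so the logic can be stubbed.
: "${SSH:=ssh}" "${SSH_ADD:=ssh-add}"

# preseed_masters HOST...
# Return codes: 0 ok, 1 a master failed, 2 agent unreachable, 3 keys remain.
preseed_masters() {
    rc=0
    for host in "$@"; do
        # -M master, -N no remote command, -f background once authenticated,
        # so each call returns after the handshake instead of blocking.
        $SSH -MNf "$host" || { echo "master for $host failed" >&2; rc=1; }
    done

    # Wipe the agent immediately; live masters are already authenticated.
    $SSH_ADD -D >/dev/null 2>&1 || true

    # ssh-add -l exits 1 when the agent is empty, 2 when it is unreachable.
    listed=0
    $SSH_ADD -l >/dev/null 2>&1 || listed=$?
    case $listed in
        1) ;;
        0) echo "identities still loaded in agent" >&2; return 3 ;;
        *) echo "cannot contact agent" >&2; return 2 ;;
    esac

    # Each master should still answer on its control socket without keys.
    for host in "$@"; do
        $SSH -O check "$host" >/dev/null 2>&1 ||
            { echo "no live master for $host" >&2; rc=1; }
    done
    return $rc
}
```

Run it inside the dedicated agent, for example as the command given to ssh-agent, with the host names as arguments.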