DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD General

OpenBSD General Other questions regarding OpenBSD which do not fit in any of the categories below.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 26th March 2018
Funkygoby Funkygoby is offline
Port Guard
 
Join Date: Aug 2015
Posts: 43
Default Remove ssh private prompt

Hello,
I use OpenBSD with xfce and xenodm(1). After login in, I am prompted with a popup that asks for my ssh private key passphrase.

How can I remove this from happening?
I am willing to enter my passphrase but only when I use ssh, very seldom. Not at every xenodm login.
Also, I don't want ssh to remember my passphrase. That would be a dirty workaround.

Thank you
Reply With Quote
  #2   (View Single Post)  
Old 26th March 2018
jggimi's Avatar
jggimi jggimi is online now
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 6,253
Default

ssh-agent(1) is called by /etc/X11/xenodm/Xsession if the user has private keys defined.

See xenodm(1) for configuration file provisioning.
Reply With Quote
  #3   (View Single Post)  
Old 1st April 2018
Funkygoby Funkygoby is offline
Port Guard
 
Join Date: Aug 2015
Posts: 43
Default

I was looking for a way to disable ssh-agent at the user level (through ~/.xession maybe) but I can't find how to that while reading man pages of xenodm or ssh-agent.

What I can do is remove the stored keys with ssh -D ~/.ssh/mykey but that work until I reuse my key.
Or I could edit /etc/X11/xenodm/Xsession and remove the ssh-agent part.
Are those my solutions ?
Reply With Quote
  #4   (View Single Post)  
Old 1st April 2018
jggimi's Avatar
jggimi jggimi is online now
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 6,253
Default

I would avoid modifying any standard configuration files, to avoid the possible loss of local changes through an upgrade.

Start xenodm with a local configuration file, pointing to a local DisplayManager*session script.
Reply With Quote
  #5   (View Single Post)  
Old 10th April 2018
Funkygoby Funkygoby is offline
Port Guard
 
Join Date: Aug 2015
Posts: 43
Default

Solved!

I create a copy of /etc/X11/xenodm/Xsession in which I commented the lines concerning ssh-agent (25-38).
I put my custom file in /etc/X11/xenodm/ and named it Xsession.local
Then edited /etc/X11/xenodm/xenodm-config to add my config file path and comment the orginal path.

2 questions:
- xenodm-config is read-only (444 root:bin), so I had to run a chmod before editing it and re-chmod it to its originals permissions. Is that normal ? Why is this specific file read-only ?
- I choose to put my own conf file in the same directory as the original, appending the .local suffix to mimic the rc.conf and rc.conf.local pattern. Is it a good approach ?
Reply With Quote
  #6   (View Single Post)  
Old 10th April 2018
jggimi's Avatar
jggimi jggimi is online now
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 6,253
Default

Q1 - I don't know the reason for the file's settings. It could be as-packaged by X.org, or could be as-packaged in Xenocara.
Q2 - Yes, that's what I would have done.

---

I use xenodm and ssh-agent, so don't mind entering my passphrase at the prompt. If there are situations where I won't be using it, such as off-network, I press the Escape key to close the window.
Reply With Quote
  #7   (View Single Post)  
Old 11th April 2018
Funkygoby Funkygoby is offline
Port Guard
 
Join Date: Aug 2015
Posts: 43
Default

I use ssh like maybe once a year mostly for experiment.
My current ssh setup as been motivated by the need to remotely maintaining my father's computer (running Debian) in case of a failure.
I am not expecting much trouble and if something goes wrong, I am not sure any internet connexion will be possible anyway.

So being tired of pressing ESC every day, I decided to disable ssh-agent.
I know ... there is quite a contradiction using OpenBSD (home of OpenSSH) and disabling ssh-agent
Reply With Quote
  #8   (View Single Post)  
Old 11th April 2018
jggimi's Avatar
jggimi jggimi is online now
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 6,253
Default



I use ssh daily, so handing my passphrase to ssh-agent is my most common login.

There is always the option of using startx or xinit instead of xenodm.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
PS1 command line prompt AFTER su s2scott OpenBSD General 4 21st February 2012 02:33 PM
mountroot prompt after update zeiz FreeBSD Installation and Upgrading 8 23rd October 2010 07:30 PM
HostV's virtual private servers go very private J65nko News 0 10th February 2010 05:17 AM
Nicer Prompt with ksh on 5.0 nihonto NetBSD Installation and Upgrading 8 12th October 2009 08:49 PM
what to do at mountroot prompt? Sunsawe FreeBSD General 13 5th June 2008 08:06 AM


All times are GMT. The time now is 04:35 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick