From: "Karl M"
To: cygwin AT cygwin DOT com
Subject: RE: ssh-agent variables available to any user process
Date: Wed, 30 Aug 2006 05:13:29 -0700

Hi All...

>From: Jörg Schaible
>To: "[ML] CygWin"
>Subject: RE: ssh-agent variables available to any user process
>Date: Wed, 30 Aug 2006 08:02:46 +0200
>
>Lapo Luchini wrote on Wednesday, August 30, 2006 12:42 AM:
>
> > Under FreeBSD, I launch ssh-agent in my .xsession script and its
> > environment is automatically inherited by every shell I then
> > open in my X11 session.
> > No such luck with Windows, but I found a way to propagate an
> > environment variable to any (future) user process after the user is
> > already logged.
> > (or, at the very least...) Works for me.
> >
> > Variables will be then available on any shell and program opened after
> > the attached script is executed.
> > (put it in "Startup" menu in order to execute it at logon time)
>
>I have used a similar approach for years utilizing keychain. In my ~/.profile I
>have the following lines:

I do something similar, but skip using keychain because it adds so much time
to launching a bash shell window. I just use ssh-agent directly. Once you do
all this work, keychain isn't doing much for you.

>
>====== %< =======
>if test -z "`pidof ssh-agent`"; then
>    keychain ~/.ssh/id_dsa
>    . ~/.keychain/`hostname`-sh
>    # Create batch files to be called from running shells
>    cat ~/.keychain/`hostname`-sh | sed -e "s/;.*$//g" | u2d > ~/.keychain/`hostname`-command.bat
>    # Set environment directly
>    regtool -s set /machine/SYSTEM/CurrentControlSet/Control/Session\ Manager/Environment/SSH_AUTH_SOCK $SSH_AUTH_SOCK
>    regtool -s set /machine/SYSTEM/CurrentControlSet/Control/Session\ Manager/Environment/SSH_AGENT_PID $SSH_AGENT_PID
>    # Broadcast of WM_SETTINGCHANGE
>    update-env
>else
>    . ~/.keychain/`hostname`-sh
>fi
>====== %< =======
>
>And update-env.c is:
>
>====== %< =======
>#include <windows.h>
>int main() {
>    SendMessage(HWND_BROADCAST, WM_SETTINGCHANGE, 0, (LPARAM)"Environment");
>}
>====== %< =======
>
>build with Makefile:
>
>====== %< =======
>all: update-env.exe
>
>%.exe: %.c
>	gcc -mno-cygwin $^ -o $*
>	strip $@
>====== %< =======

I use

    ssh-add -l >/dev/null 2>&1
    if [ $? -eq 1 ]; then
      ssh-add
    fi

in my profile and I launch ssh-agent from a service (one service for each
user), so it survives logout on Windows. The service and service installer
bash scripts are attached. I've considered supporting this as a package, but
have not seen much interest.

>
>I never found a way to broadcast the WM_SETTINGCHANGE directly from the
>script without the little helper app.

Neither did I. My helper application is sendchenv.exe, but the same as
update-env.exe. My source is also attached.

HTH,

...Karl

[Attachment: secret-agent-service-install]

#!/bin/bash

# secret-agent-service-install service-name user-name

if [ "~$1" = "~" ]; then
    echo A service name is required.
    exit 1
fi

if [ "~$2" = "~" ]; then
    echo A user name is required.
    exit 1
fi

echo Uninstalling the secret-agent service, $1.
cygrunsrv --remove "$1"

echo Adding the \"Log on as a Service\" right for $2.
editrights -a SeServiceLogonRight -u "$2"

echo Installing the secret-agent service, $1.
cygrunsrv --install "$1" \
    --args '/bin/secret-agent-service' \
    --disp "Secret Agent $2" \
    --desc "Creates an ssh-agent process for $2." \
    --path '/bin/bash' \
    --shutdown \
    --user "$2"

echo Starting the secret-agent service, $1.
cygrunsrv --start "$1"

[Attachment: secret-agent-service]

#!/bin/bash

# Launch the ssh-agent from a service so it survives logoff.

# When the service stops, kill the ssh-agent.
trap "ssh-agent -k; exit 0" TERM

# Clean up old files that may be left behind after a crash.
# The file permissions make this safe to do in a multi-user
# environment, but "/tmp" must be local to this host.
rm -rf /tmp/ssh-*

# Launch the ssh-agent.
eval "$(ssh-agent)"

# Provide the ssh-agent socket ID via the registry and broadcast
# the change in case the user is logged before we finish.
# Do not provide the ssh-agent PID to minimize the risk of
# killing the ssh-agent.
regtool -s set /HKEY_CURRENT_USER/Environment/SSH_AUTH_SOCK "$SSH_AUTH_SOCK"
sendchenv

# Wait quietly until the service is stopped.
while true; do
    sleep 24h &
    wait
done

[Attachment: sendchenv.c]

// Notify all windows that environment variables may have changed.
#include <windows.h>

int main()
{
    // SendMessageTimeout stores its result through a PDWORD_PTR.
    DWORD_PTR dwReturnValue;

    if (SendMessageTimeout(HWND_BROADCAST, WM_SETTINGCHANGE, 0,
                           (LPARAM) "Environment", SMTO_ABORTIFHUNG,
                           5000, &dwReturnValue))
        return 0;
    else
        return 1;
}
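
An added example, not part of any of the posts above: a profile check that classifies the SSH_AUTH_SOCK value inherited from the registry before using it. It goes beyond the bare "ssh-add -l" test by also handling the case where the agent cannot be contacted and the case where the socket belongs to another account, which matters when the variable is set under /machine/... and so reaches every user on the host. The SSH_ADD variable, the function names and the state names are assumptions of this example.

```bash
#!/bin/bash
# Added example: decide what to do with an SSH_AUTH_SOCK value inherited
# from the registry before handing it to ssh or ssh-add.
# SSH_ADD and the state names are assumptions of this example.
SSH_ADD=${SSH_ADD:-ssh-add}

# Print one of: unset, stale, foreign, empty, loaded.
agent_state() {
    # Nothing was propagated to this process.
    [ -n "${SSH_AUTH_SOCK:-}" ] || { echo unset; return 0; }
    # The registry value can outlive the agent (crash, stopped service).
    [ -e "$SSH_AUTH_SOCK" ] || { echo stale; return 0; }
    # A value set under /machine/... reaches every account on the host;
    # only use a socket that this user owns.
    [ -O "$SSH_AUTH_SOCK" ] || { echo foreign; return 0; }
    # ssh-add -l: 0 = identities listed, 1 = agent has none,
    # 2 = agent could not be contacted.
    "$SSH_ADD" -l >/dev/null 2>&1 && rc=0 || rc=$?
    case $rc in
        0) echo loaded ;;
        1) echo empty ;;
        *) echo stale ;;
    esac
}

# Profile hook: add keys only to a live, empty agent that we own.
ensure_agent_keys() {
    state=$(agent_state)
    case $state in
        loaded) return 0 ;;
        empty)  "$SSH_ADD" ;;
        *)      echo "ssh-agent not usable ($state); not adding keys" >&2
                return 1 ;;
    esac
}
```

Calling ensure_agent_keys from ~/.profile takes the place of the bare "ssh-add -l" test and its "$? -eq 1" check.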