Archive for the 'Secure Shell' Category

Bad Bash Sourcing

Published on March 11, 2009 by Zachary Lund in Secure Shell and Shell. 0 Comments Tags: , , , .

A while back I switched such that my .bash_profile sources my .bashrc instead of the reverse. Based on a few sources, this seems to be the preferred approach. Today I decided to push those files to a few servers that haven’t been updated lately. I transferred my .bash_profile and then my .bashrc:

zac@dakara:~$ scp ~/.environment/bash/bash_profile lansky:~/.bash_profile
bash_profile                                  100%  120     0.1KB/s   00:00
zac@dakara:~$ scp ~/.environment/bash/bashrc lansky:~/.bashrc
lost connection

What happened? My .bash_profile sources my .bashrc, but since I hadn’t yet replaced the .bashrc, it still sources my .bash_profile. That means infinite loop and that I am an idiot. SSH, rsync, and scp are all broken. There is no way to remove or replace either of those files without another account. I guess it’s time to open a support ticket at DreamHost.

The moral of the story is to always be careful how you source those files. I usually try to keep an SSH session open on the remote machine when I modify those files in case I break login, but this time I didn’t. A few searches didn’t reveal any solutions. I’d love to know if someone has a way of resolving this without access to another account on the remote machine.

Add an SSH Key to an SSH Agent on a Different Machine

Published on February 9, 2009 by Zachary Lund in Secure Shell. 0 Comments Tags: , , .

I recently discovered that I can add an SSH key to an SSH agent on a different machine. I find this useful because I am very protective of my SSH keys and prefer to keep them on my desktop (Dakara) and not on my laptop (Adria).

On Adria, you can see that I have no keys added:

zac@adria:~$ ssh-add -l
The agent has no identities.

I then secure shell to Dakara and forward my agent (-A) from Adria. I still have no keys added:

zac@adria:~$ ssh dakara -A
zac@dakara's password:
No mail.
Last login: Mon Feb  9 17:30:49 2009 from adria.lund
zac@dakara:~$ ssh-add -l
The agent has no identities.

Next, I add a key from Dakara to my agent on Adria:

zac@dakara:~$ ssh-add
Enter passphrase for /home/zac/.ssh/id_dsa:
Identity added: /home/zac/.ssh/id_dsa (/home/zac/.ssh/id_dsa)
zac@dakara:~$ ssh-add -l
2048 27:81:f8:7f:38:75:6b:ce:95:e4:46:62:02:9c:84:bd /home/zac/.ssh/id_dsa (DSA)

When I log out of Dakara, the key is still available on Adria:

zac@dakara:~$ logout
Connection to dakara closed.
zac@adria:~$ ssh-add -l
2048 27:81:f8:7f:38:75:6b:ce:95:e4:46:62:02:9c:84:bd /home/zac/.ssh/id_dsa (DSA)

Now my key is available on Adria without ever being on Adria. Even with physical access to my laptop, it would take a sophisticated hacker to steal my SSH key.