GDM and ssh-agent

Brian J. Tarricone bjt23 at cornell.edu
Sat Jul 10 20:21:01 CEST 2004



Matthias Fechner wrote:

>Hi,
>
>i use gdm to start my xfce4-Session. I use the following script:
>
[snip]

>But i have the problem, that ssh-add asks for the password, but this
>password is the same as the login-password from gdm.
>Is it possible to say ssh-add to use password from gdm or maybe do
>anything with PAM?
>  
>
first, an admonition from someone that works on security software: your 
ssh privkey should be protected by a pass*phrase*, not a pass*word*.  
for best security, you should be using a passphrase of several words - 
in my opinion,  five words at bare minimum.  you should _not_ be using 
the same thing as your unix system password.  there are plenty of 
methods for generating a 'random' passphrase floating around on the net, 
something called 'diceware' i think is the best.

having said that, no, there is no way to do what you're looking for.  
ssh-add will not look at PAM or GDM for your password, and i doubt they 
ever will, in part because of the reasoning i outlined above.

    -brian



More information about the Xfce mailing list