Why so many 'agent' processes run by xfce4-session

Michael De Roover xfce at nixmagic.com
Sun Sep 20 03:03:12 CEST 2020 

Not entirely sure how you can turn them off, but in Mate I also see
default agent sessions like this. Agents on their own are just..
meaningless SSH authentication sockets that you can (if you want to)
interact with really. They are for password-protected SSH keys and if
you want to add one, you can add them to the agent with ssh-add. I
think that desktops do that when they initially ask you to enter your
key's password.

Getting rid of them is something I'm not entirely sure of either, but
if you want an agent of your own you can just run `eval $(ssh-agent)`
and your current shell will be provided with the SSH_AUTH_SOCK and
SSH_AGENT_PID for that particular agent. However SSH_AUTH_SOCK is the
only important variable when you want to attach to an existing agent.
By default this is stored in /tmp and.. security issues aside (which
are very severe in my opinion), you can just attach to it from any
local user on the system due to /tmp's broad permissions that allow you
to discover the key and thereby attach to them by setting this
variable.

On their own the agents don't do much, and /run/user/1000 is definitely
something from the desktop environment itself. From manually initiated
agents, it would be something like /tmp/ssh.$mktemp/agent.$pid where
$mktemp is something along the lines of mktemp output and $pid is the
agent's PID.

Looking forward for answers on what creates these and how to turn them
off as well.

(Sorry if this email ends up getting sent twice, I had issues with my
mail server's network configuration)

On Thu, 2020-09-17 at 11:05 +0100, Chris Green wrote:
> On Thu, Sep 17, 2020 at 10:04:23AM +0100, Chris Green wrote:
> > I have been doing some ssh configuration recently and, as a
> > consequence, looked at the key agent processes related to Public
> > Key
> > handling.
> > 
> > On both my xubuntu 20.04 systems I have three agent processes, is
> > this
> > correct (output from ps):-
> > 
> > chris       1136     965  0 Sep16 ?        00:00:02 xfce4-session
> > chris 1223 1136 0 Sep16 ? 00:00:00 /usr/bin/ssh-agent /usr/bin/im-
> > launch startxfce4 
> > chris 1524 1136 0 Sep16 ? 00:00:01 /usr/lib/policykit-1-
> > gnome/polkit-gnome-authentication-agent-1 
> > chris 1898 1133 0 Sep16 ? 00:00:00 /usr/bin/ssh-agent -D -a
> > /run/user/1000/keyring/.ssh 
> > 
> > 
> > Should all of these really be running, if not then how do I turn
> > some
> > of them off?  It seems that it's the ssh-agent process 1898 which
> > is
> > the actual key agent process.
> > 
> Not to mention that the two ssh-agent processes seem to be
> competing:-
> 
> chris$ env | grep -i ssh
> SSH_AUTH_SOCK=/run/user/1000/keyring/ssh
> SSH_AGENT_PID=1223
> 
> 
-- 
Michael De Roover <xfce at nixmagic.com>

More information about the Xfce mailing list