[NBLUG/talk] Agent locking

Eric Eisenhart eric at nblug.org
Fri Jan 2 08:12:01 PST 2004


On Fri, Jan 02, 2004 at 09:17:24AM -0600, Warren Raquel wrote:
> I want to set up my ssh-agent to lock and require reauthentication after a
> lock-screen/screensaver kicks in. What's the best way to do this (and in
> whatever window manager you use). Thanks!

I once wrote a script to do this, but I gave up on that idea and don't have
the script anymore...

Basic methodology is to have a script that runs "xscreensaver-command
-watch", looks at the output and runs "ssh-add -D" whenever "LOCK" shows up
and runs "ssh-add < /dev/null" when ever "UNLOCK" or "UNBLANK" shows up.

In fact, the xscreensaver-command manpage has a good starting point.  Try
something like this:

#!/usr/bin/perl
 
my $blanked = 0;
open (IN, "xscreensaver-command -watch |");
while (<IN>) {
    if (m/^(BLANK|LOCK)/) {
        system "ssh-add -D";
        $blanked = 1;
    } elsif (m/^UNBLANK/) {
	# To avoid trying to spawn too many ssh-add's all over the place
        if($blanked) {
            system "ssh-add < /dev/null";
            $blanked = 0;
        }
    }
}

-- 
Eric Eisenhart
NBLUG Co-Founder & Director-At-Large
The North Bay Linux Users Group
http://nblug.org/
eric at nblug.org, IRC: Freiheit at freenode, AIM: falschfreiheit, ICQ: 48217244



More information about the talk mailing list