4

These two entries of man ssh-agent describe the SSH authentication socket:

$TMPDIR/ssh-XXXXXXXXXX/agent.<ppid>
UNIX-domain sockets used to contain the connection to the authentication agent. These sockets should only be readable by the owner. The sockets should get automatically removed when the agent exits.

A UNIX-domain socket is created and the name of this socket is stored in the SSH_AUTH_SOCK environment variable. The socket is made accessible only to the current user. This method is easily abused by root or another instance of the same user.

However, when I echo out the value of $SSH_AUTH_SOCK, I get this value instead: /run/user/1000/keyring-5h6wYS/ssh (with 1000 being the user ID of my current login).

I assume my local system (Ubuntu 14.10) is "hijacking" the default authentication socket and replacing it with the system keyring, but it's not mentioned in the man page, and I can't find more details on the matter.

What is going on behind the scenes, and where can I read up on more details of the process?

4
  • The Ubuntu manpage says that that path is merely the default. Is there any reason why it should be the default, especially given the actual path is provided by the variable? Commented Dec 29, 2014 at 20:11
  • @muru I'd argue most distributions and software like using the default path even though it can be changed (e.g. ~/.ssh, ~/.gnupg); it typically makes it easier and clearer for everyone. I'd assume if the default directory wasn't used on a major system (such as Ubuntu) things like that are typically mentioned in a man page somewhere. Commented Dec 29, 2014 at 20:17
  • @muru I'm looking for that "somewhere" where the information is listed. Commented Dec 29, 2014 at 20:18
  • 3
    Are you sure you're using ssh-agent, and not gnome-keyring? Commented Dec 29, 2014 at 20:50

1 Answer

1

Different tools can act as SSH agents, not just ssh-agent. gpg-agent can also act as an agent for SSH, and so can gnome-keyring. Probably something from KDE also.

As long as SSH_AUTH_SOCK is getting set, you should be good to go.

1
  • This isn't necessarily true. SSH_AUTH_SOCK can be pointing at a PID file that doesn't exist. Commented May 2, 2018 at 17:41
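
Added example, not part of the question, the answer or the comments: a shell check of the socket that SSH_AUTH_SOCK names, covering the two cases raised above (a path that belongs to gnome-keyring or gpg-agent rather than ssh-agent, and a variable that points at a file that does not exist). The function names are made up for this example, the path patterns are a heuristic based on the default layouts of those agents, and `stat -c` assumes GNU coreutils as on Ubuntu.

```shell
#!/bin/sh
# Added example: inspect the agent socket named by SSH_AUTH_SOCK.

# Guess the agent from the socket path alone. Heuristic: these are the
# default path layouts of ssh-agent, gnome-keyring and gpg-agent.
classify_agent_path() {
    case "$1" in
        */keyring*/ssh)       echo "gnome-keyring" ;;
        */S.gpg-agent.ssh)    echo "gpg-agent" ;;
        */ssh-*/agent.[0-9]*) echo "ssh-agent" ;;
        *)                    echo "unknown" ;;
    esac
}

# Print one of: unset, missing, not-socket, foreign-owner, loose-perms, ok.
# Returns non-zero for every state except ok.
check_auth_sock() {
    sock="${1-${SSH_AUTH_SOCK-}}"
    [ -n "$sock" ] || { echo "unset"; return 1; }
    [ -e "$sock" ] || { echo "missing"; return 1; }        # stale variable
    [ -S "$sock" ] || { echo "not-socket"; return 1; }
    [ -O "$sock" ] || { echo "foreign-owner"; return 1; }
    # The socket should be reachable only by its owner; by default the
    # agents place it in a 0700 directory (stat -c is GNU coreutils).
    mode=$(stat -c '%a' "$(dirname "$sock")") || return 1
    case "$mode" in
        *00) echo "ok" ;;
        *)   echo "loose-perms"; return 1 ;;
    esac
}

report_agent() {
    state=$(check_auth_sock) || true
    echo "SSH_AUTH_SOCK=${SSH_AUTH_SOCK-<unset>}"
    echo "state=$state agent=$(classify_agent_path "${SSH_AUTH_SOCK-}")"
    # Name the listening process where ss is allowed to see it.
    [ "$state" = unset ] || ss -xlp 2>/dev/null | grep -F -- "$SSH_AUTH_SOCK" || true
}

report_agent
```
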
