ssh-agent and Mac OS X

Introduction: I am beefing up security by requiring password protected SSH keys (two factor) for authentication. With this change, the use of ssh-agent is quite important. Because I use ssh frequently, it’s worth making its use as transparent as possible.

The Problem: Ssh-agent lacks an easy way to use it for multiple shell/terminal sessions. This is best explained by example. I log onto my Mac OS X/FreeBSD machine at the console. I need to administer a server so I open a terminal window. Now I must launch ssh-agent followed by ssh-add and then type in my passphrase to set up my ssh key(s). Now my ssh key is authenticated and ready for use during the rest of this session. So far, so good.

While I’m working on that first server, I need to connect to another machine to see how I configured something there. This is where ssh-agent becomes onerous. I open another terminal window and must once again launch ssh-agent, and then ssh-add, type in my passphrase, and finally connect. But now I have two instances of ssh-agent running.

Having multiple ssh-agents is the default behavior because ssh-agent has no built-in mechanism for detecting and reusing an existing ssh-agent process. To do so, one must determine the correct path to the socket file and set SSH_AUTH_SOCK accordingly.

Research: I researched the options available for solving this issue on my Mac. I found Xander Schrijen’s SSH Agent for Mac OS X but had several issues that prevented me from falling in love with it. There is also SSHKeychain but it didn’t work at all on my Intel Macs (it has since been fixed).

The Solution: After giving up on an easy point-and-click solution, I decided the best solution is one that works equally well on all the UNIX-like systems I use regularly: Mac OS 10.4, 10.5, Linux, and FreeBSD. I wrote a simple shell script, then a more complex one, then a perl script, and finally another shell script that I think is just about perfect. Its only requirement (beyond openssh) is bash.

Documentation is contained in the script. It has been tested on Mac OS X and FreeBSD. It should run without modification on any UNIX-like OS and requires the [ba]sh shell. I attempted a script that worked with both bash and tcsh but it simply wouldn’t work. Tcsh is a perfectly adequate shell but a miserable programming environment.
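The reuse mechanism described above (one agent bound to a fixed socket path, with every new shell pointing SSH_AUTH_SOCK at it) can be sketched as follows. This is an added example, not the agent.sh script linked from this page; the AGENT_SOCK variable and all function names are assumptions, and it relies on the documented exit status of `ssh-add -l` (0 keys loaded, 1 no keys, 2 agent unreachable).

```shell
#!/usr/bin/env bash
# Added example: reuse one ssh-agent across terminal sessions via a fixed socket.
# AGENT_SOCK and the function names are assumptions of this sketch.
AGENT_SOCK="${AGENT_SOCK:-$HOME/.ssh/agent.sock}"

# Map the exit status of `ssh-add -l` to an agent state.
classify_agent_rc() {
    case "$1" in
        0) echo "loaded" ;;   # agent reachable, keys present
        1) echo "empty" ;;    # agent reachable, no identities yet
        *) echo "dead" ;;     # 2 = cannot contact agent (or ssh-add missing)
    esac
}

# Trust only a socket owned by the current user; a regular file or another
# user's socket must never become SSH_AUTH_SOCK.
socket_is_safe() {
    [ -S "$1" ] && [ -O "$1" ]
}

# Report "loaded", "empty" or "dead" for the agent behind socket path $1.
agent_state() {
    local rc=0
    socket_is_safe "$1" || { echo "dead"; return; }
    SSH_AUTH_SOCK="$1" ssh-add -l >/dev/null 2>&1 || rc=$?
    classify_agent_rc "$rc"
}

# Call this from ~/.bash_profile: reuse a live agent, or replace a stale one.
reuse_or_start_agent() {
    local state out
    state="$(agent_state "$AGENT_SOCK")"
    if [ "$state" = "dead" ]; then
        echo "cleaning up stale ssh agent"
        rm -f "$AGENT_SOCK"               # ssh-agent -a cannot bind over a leftover file
        (umask 077; mkdir -p "$(dirname "$AGENT_SOCK")")
        out="$(ssh-agent -s -a "$AGENT_SOCK")" || return 1
        eval "$out" >/dev/null
        state="empty"
    fi
    export SSH_AUTH_SOCK="$AGENT_SOCK"
    # Prompt for the passphrase only when the agent holds no keys.
    if [ "$state" = "empty" ]; then ssh-add; fi
}
```

The ownership check matters because anyone who can connect to the socket can ask the agent to sign with the loaded keys, so the socket's directory should stay mode 0700.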

Demonstration: Opening a new Terminal window:

Last login: Sat Jul 28 20:41:10 on ttys001
cleaning up stale ssh agent
starting ssh-agent -a /Users/matt/.ssh/agent.sock
ssh agent for matt found at pid 30268.
adding ssh key(s) to agent
Identity added: /Users/matt/.ssh/id_rsa (/Users/matt/.ssh/id_rsa)
Identity added: /Users/matt/.ssh/id_dsa (/Users/matt/.ssh/id_dsa)
[matt@IntelliBigMac] ~ %

Opening a second Terminal window:

Last login: Sat Jul 28 20:52:54 on ttys002
ssh agent for matt found at pid 30268.
[matt@IntelliBigMac] ~ %

Enjoy
http://www.tnpi.net/computing/mac/agent.sh.txt

customer service

It’s all too common that customer service leaves much to be desired. Today I was quite surprised when I received excellent customer service from my telephone provider, VoicePulse. I was able to call out, but people weren’t able to call me.

So I called and inquired. Matt, in Newark, NJ answered my call. I explained the problem. He looked into it briefly. Then, wonder of wonders, he explained exactly what the problem was. It turns out it was an issue they already knew about but the extent was greater than they realized. He demonstrated that he actually understood exactly the problem because he asked for another number where he could reach me. No more than an hour later, he actually called back to let me know the problem was fixed!

That’s what I call service. Thank you Matt @ VoicePulse, for surpassing my expectations.

The difference a couple years make

Two years ago, the focal point of our lives was a fascinating and wonderful little creature named Kayla. We were pretty smitten by her upon arrival but it seems that was just the tip of a monumental iceberg of joy that she is. It doesn’t seem possible that she turns two today. She is such the little treasure and there isn’t a single day I’d give back.

Since that day two years ago, I enrolled at DTS and we moved to Texas. Jen transitioned from office worker to telecommuter as I adjusted to life as a graduate student. After two semesters, I learned all I had set out to. After the conclusion of the school year, we bought a minivan and departed for Seattle to be near Jen’s family. Bill had been diagnosed with Leukemia and it would likely be the last time we’d get to be with him.

We stayed two months and returned to Texas. Lucas arrived in October. I cannot overstate how much life changed with #2. With an infant and a toddler, there is always a need for one, and frequently two parents’ attention. Combined with family visits, from Lucas’ birth through the New Year, getting anything done, let alone caught up, was wildly optimistic. Things we normally kept on top of did not receive the attention they were due.

But little in life is permanent. When the 2007 tax season rolled around, I caught up on over a year’s worth of bookkeeping (corporate & personal). In mid-April I accepted a position with Layered Tech, a hosting company. After a number of other less than satisfying interviews, LT seemed like a good fit so I accepted. So far, they are quite pleased with me and vice versa.

As Lucas rapidly progresses from infant to toddler, we seem to be finding a sense of balance. Unlike the last, this year our trees are pruned and the flower beds are weeded, mulched, and planted. The Jetta even got a fresh coat of wax and Rain-X. On Friday we celebrated our 5th anniversary. Not only was it a night out at one of Dallas’ nicest restaurants, but it was the third weekend in a row that we had been out as a couple.

With all the changes in and around our lives, there are a few things that remain constant: I found the love of my life, and she said yes. On that foundation we have built something that exceeds all expectations. Last night I sat on the floor in the dark, looking out the back windows. Cuddled in my lap was Kayla, a most treasured possession, giddy and exuberant, every time a firefly pierced the darkness.

Oh poo!

It all started innocently enough. Kayla was standing at the gate to our room, watching mommy prepare Lucas’ lunch. It being the time of day that Kayla is productive, she stood at the gate and delivered a fine specimen into her diaper. Mommy witnessed the event.

Meanwhile, daddy was in the office tending Lucas and working on a client’s web site. Due to past excitement, Kayla is not allowed to remove her diaper without permission. So she trotted out and announced she wanted to sit on her potty seat. Daddy granted permission to remove her diaper and she did.

As the diaper slid off, the delivery from two minutes prior fell out of the diaper onto the floor. Thankfully, daddy had the good sense to put the potty seat on the tile floor. “What’s that!” Kayla asked quizzically. As she attempted to step away she instead stepped into it. What had great potential to be humorous turned ugly fast. Instead of trying to get away from the steaming heap on the floor she was trying to get away from her own foot!

Being dangerously close to carpet, damage control daddy swept in and restored sanity and hygiene.

PS: Diaper wipes are truly wonderful things.

favorite new quote

A man can do as he wills, but not will as he wills. — Arthur Schopenhauer

This is not a quote I could have sufficiently understood as a youth, and perhaps not even into my twenties. Even now into my thirties, like much of Arthur’s philosophy, it is not something I am willing to embrace. But I do realize that many of my objections to his philosophy were pure vanity.

Daddy care report

Kayla is picking up words so quickly that we no longer try to keep track. At 15 months, we could rattle off a list of words she knew. Now, at 20 months we’re only amused by the 2-3 new words she uses each day.

Two days ago I walked into the room with two tangerines and an orange. I peeled a tangerine and offered Kayla a slice. “No, BIG orange!”, she demanded. She’s been really fond of superlatives lately, with big getting the majority of the attention. I called to Jen, “I think Kayla has a new favorite superlative.” Her response, “Yes, but it should be no surprise. We are in Texas after all.”

Yesterday Jen left for Huntsville on business, so I’ve been keeping the merry little tribe cared for. Kayla and I get along well by ourselves, but with Lucas here the bar was raised. He’s used to breastfeeding and so a few adjustments were required. The little man is not just strong of body (which still surprises us) but also a bit head-strong too.

Our initial feeding after mommy left went surprisingly well, but the second didn’t. Which led me to a modified version of an old corollary, “you can feed Lucas a bottle but you can’t make him drink.” After a fairly dismal attempt, I decided we’d give up and wait until the next feeding. At the next feeding we ate like a champ. And for our final feeding, once again dismal.

But daddy didn’t bother battling Lucas’ will. Lucas went to sleep hungry, in our room so I could hear him when he woke up hungry. Sure enough, at 4:00am we had a great feeding. Today has been more of the same. The morning feeding was dismal, but he ate really well at the next one. And now it’s that glorious time of the day when both babies are sleeping and daddy gets time to work. 🙂