You are not logged in.

Pages: 1

#1 2014-08-04 08:01:36

quiv
Member
Registered: 2014-02-20
Posts: 22

Pam_ssh and Automatic login to virtual console

My desire is to automate the process of logging on and decrypting my ssh and gpg keys.  Currently I'm employing keychain to this affect. Keychain makes it so that I only have to enter my passphrase for my keys once per boot. I'm currently using the example script I found on keychain's manpage from my zprofile to start it.

           
keychain id_rsa id_dsa 0123ABCD
[ -z "$HOSTNAME" ] && HOSTNAME=`uname -n`
[ -f $HOME/.keychain/$HOSTNAME-sh ] && \
	. $HOME/.keychain/$HOSTNAME-sh
[ -f $HOME/.keychain/$HOSTNAME-sh-gpg ] && \
	. $HOME/.keychain/$HOSTNAME-sh-gpg

That all works fine. I thought that's pretty neat. But as this is my home computer I would like it even more if I didn't have to enter a passphrase everytime I booted up. pam_ssh seemed to fit the bill. I followed the instructions there to set it up and it works well. I enter my password to log into to the virtual console and then because I use the same password to log in as I do passphrase for my keys pam_ssh automatically uses this to decrypt my ssh keys. So the next step was to also log into the virtual console automatically. I used the wiki article's automatic login to virtual console for this.

[Service]
ExecStart=
ExecStart=-/usr/bin/agetty --autologin username --noclear %I 38400 linux
Type=simple

However this doesn't appear to work nicely with pam_ssh. It automatically logs me into the console but then I get asked for my passphrase for my ssh key. So I would like to know;

1) Is it possible to make this seamless such that I don't have to enter my password and passphrase at all?
2) Is there another way to accomplish this? Right now with just automatic login enabled it sits at the virtual console waiting for me to input my pass phrase for my ssh and gpg keys. Is there a way where I could just automatically send my passphrase as keyboard input a set amount of time after I boot?
3) In my intial limited testing of pam_ssh it only seems to work with ssh keys and not gpg keys. I there a similar tool I could use for my gpg keys?
4) related to 3; even without auto-login I currently have to enter two passphrases on boot. Once for my ssh keys and one for my gpg keys. Is it possible to have it so that I only have to enter my passphrase once and it will decrypt ssh and gpg keys?

Offline

Pages: 1

Board footer

Powered by FluxBB