Skip to content

Commit

Permalink
[svn] keychain-2.6.0:
Browse files Browse the repository at this point in the history 
  Add the --eval option which makes keychain startup easier.  See the man-page
  for examples.  Get rid of the release notes from README, so now this file is
  where changes are tracked.  Get rid of the TODO file since it's empty (and
  TODOs can be tracked in README anyway).
  • Loading branch information
@agriffis
agriffis committed Oct 10, 2005
1 parent 87d2e24 commit 8a3a8d9
Show file tree
Hide file tree
Showing 7 changed files with 178 additions and 211 deletions.
7 changes: 7 additions & 0 deletions ChangeLog
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,13 @@
# Written by Daniel Robbins <drobbins@gentoo.org>
# Maintained by Aron Griffis <agriffis@gentoo.org>

* keychain 2.6.0 (10 Oct 2005)

10 Oct 2005; Aron Griffis <agriffis@gentoo.org>:
Add the --eval option which makes keychain startup easier. See the man-page
for examples. Get rid of the release notes from README, so now this file is
where changes are tracked.

* keychain 2.5.5 (28 Jul 2005)

28 Jul 2005; Aron Griffis <agriffis@gentoo.org>:
Expand Down
4 changes: 0 additions & 4 deletions Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,10 +48,6 @@ keychain-$V.tar.gz: $(TARBALL_CONTENTS)
echo "**** Need to update the ChangeLog for version $V"; \
exit 1; \
fi
@if ! grep -qF 'Keychain $V ' README; then \
echo "**** Need to update the README for version $V"; \
exit 1; \
fi
mkdir keychain-$V
cp $(TARBALL_CONTENTS) keychain-$V
sudo chown -R root:root keychain-$V
Expand Down
135 changes: 5 additions & 130 deletions README
View file
Original file line number Diff line number Diff line change
@@ -1,137 +1,12 @@
README for KeyChain; http://www.gentoo.org/projects/keychain
Copyright 2001-2004 Gentoo Foundation; Distributed under the GPL

RELEASE NOTES (See "ChangeLog" for more info):

Keychain 2.5.5 adds the the --env option and automatic reading of .keychain/env.
This allows variables such as PATH to be overridden for peculiar environments.

Keychain 2.5.4.1 fixes a minor bug introduced in 2.5.4 that resulted in always
exiting with non-zero status.

Keychain 2.5.4 fixes multibyte issues that could keep a running ssh-agent from
being found. It also changes the locking mechanism to close race conditions on
cygwin, where symlink creation is not atomic.

Keychain 2.5.3.1 fixes addition of gpg keys, which I managed to break in
2.5.3.

Keychain 2.5.3 improves handling of DISPLAY by unsetting if blank.
Additionally gpg is called with --use-agent in case the gpg configuration
file excludes use-agent.

Keychain 2.5.2 fixes a bug dealing with Solaris RSA keys, a syntax error
running on Big/IP (x86 BSD variant), and enhances compatibility with bash's
HOSTNAME variable.

Keychain 2.5.0 adds inheritance support via --inherit and changes
default behavior so that non-keychain agents aren't killed by default.

Keychain 2.4.3 fixes a problem on BSD where multiple agents would be
started.

Keychain 2.4.2.1 fixes some minor issues in the test for existing gpg
keys.

Keychain 2.4.2 has complete support for gpg-agent, including adding
keys, clearing the agent, etc. The default for --attempts was changed
from 3 to 1.

Keychain 2.4.1 enables Sun SSH compatibility and fixes some more
Solaris awk problems.

Keychain 2.4.0 fixes a problem with awk on Solaris, a problem with
commercial ssh not prompting for a password, and adds gpg-agent
support.

Keychain 2.3.5 fixes a minor problem where keychain would report the
wrong number of keys when adding them to ssh-agent

Keychain 2.3.4 fixes a problem where keychain would mistake defunct
ssh-agent processes for running ones

Keychain 2.3.3 fixes a problem in the help output, makes --dir work
correctly, correctly handles spaces in file and directory names, and
fixes operation on HP-UX with older OpenSSH

Keychain 2.3.2 fixes a problem involving ssh-askpass where keychain
would attempt to use the gui even when --nogui is specified

Keychain 2.3.1 fixes a problem when users are running csh, at least on
Solaris and BSD.

Keychain 2.3.0 updates the locking code to obviate the procmail
dependency

Keychain 2.2.2 fixes the generation of the -csh file, reported by Jens
Svalgaard Kohrt in http://bugs.gentoo.org/show_bug.cgi?id=49813

Keychain 2.2.1 includes a fix for Solaris, which cuts off ps -u output
at 8 characters. Reported by and tested by Clay England.

Keychain 2.2.0 is a complete rewrite with a lot of compatibility and
speed fixes. Additionally it provides --timeout for carpaski and
others interested in this feature.

Keychain 2.0.3 contains some fixes for color issues and a grep -i option for
cygwin.

Keychain 2.0.2 contains a fix for the handling of ssh-askpass; SSH_ASKPASS now
needs to be set to enable askpass functionality.

Keychain 2.0.1 contains Solaris, Tru64 and MacOS X fixes, "--help" fixes, and
compatibility with x11-ssh-askpass.

Keychain 2.0 contains HP-UX and Cygwin fixes (Cygwin support is now inside the
main keychain script), and now stores keychain files in the ~/.keychain/
directory for tidiness. New filenames too: ~/.keychain/sh-${HOSTNAME} and
~/.keychain/csh-${HOSTNAME}. Keychain 2.0 also contains a bunch of additional
fixes and performance improvements, and the --local option has been
depreciated. Added the --dir option so that you can specify an alternate
location for keychain to look for the .keychain directory: "keychain --dir
/var/foo /path/to/my/key" will cause keychain to look for /var/foo/.keychain.

Keychain 1.9 contains fixed Solaris support and a new "keychain.cygwin" script
for Cygwin systems. Sorry for the long delay in releasing this one; I've been
busy :)

Keychain 1.8 contains many shell compatibility improvements and various other
fixes, improved "lockfile" settings, improved detection of failed passphrase
attempts, the new ability to query public keys if the private key doesn't
contain a fingerprint, a quiet mode fix, and a new "--local" option for non-NFS
users who don't want to have the hostname appended to keychain's dot files.

Keychain 1.7 will use procmail's lockfile command if available to serialize the
startup of multiple keychain processes; this is a good thing if you have
multiple xterms opening simultaneously when you start X. This new feature
prevents multiple instances of ssh-agent from mistakenly being started. To
enable this feature, install procmail on your system. We also now have a
ssh-agent kill fix, a Solaris output fix, Darwin/MacOS X fix, FreeBSD output
fix, new short-style options (-k/-h for --stop and --help), and a new
--quiet/-q option for less-verbose output.

Keychain 1.6 will now try to add multiple keys at once, so that if you have
two keys with the same passphrase, you only need to type in the passphrase
once. Also contains a /usr/ucb Solaris path compatibility fix.

Keychain 1.5 contains a number of shell compatibility fixes for Solaris, IRIX,
and various other cleanups and optimizations. If we are not universally sh-
compatible at this point, we are extremely close.

Keychain 1.4 *should* now be compatible with Linux, BSD, Solaris, IRIX and
hopefully many other POSIX-like environments. Please submit any compatibility
patches to Daniel Robbins at drobbins@gentoo.org.

Keychain 1.3 and above now create ~/.ssh-agent-[hostname] files, making
KeyChain compatible with NFS-mounted home directories. There is also a new
~/.ssh-agent-csh-[hostname] available that can be sourced by csh-based shells.
Copyright 2001-2005 Gentoo Foundation; Distributed under the GPL

REQUIREMENTS

Keychain 1.3 and above should now be sh-compliant. Colorization features may
look weird if you're not using a vt100-compatible terminal and can be disabled
with the --nocolor option. You can make keychain less verbose by using the -q
or --quiet option.
Keychain should run on any Bourne shell. Colorization features may look weird
if you're not using a vt100-compatible terminal and can be disabled with the
--nocolor option. You can make keychain less verbose by using the -q or --quiet
option.

INSTALLATION

Expand Down
6 changes: 0 additions & 6 deletions TODO
View file

This file was deleted.

65 changes: 35 additions & 30 deletions keychain.pod
View file
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,12 @@ ssh keys when you're logged out.

Keychain will use dirname rather than $HOME/.keychain

=item B<--eval>

Keychain will print lines to be evaluated in the shell on stdout. It
respects the SHELL environment variable to determine if Bourne shell
or C shell output is expected.

=item B<--env> I<filename>

After parsing options, keychain will load additional environment
Expand Down Expand Up @@ -201,45 +207,44 @@ Show version information.

=head1 EXAMPLES

This snippet would work in .bash_profile (for bash) or .zlogin (for
zsh) to load two ssh keys and one gpg key:
This snippet should work in any shell to load two ssh keys and one gpg
key:

keychain id_rsa id_dsa 0123ABCD
[[ -f $HOME/.keychain/$HOSTNAME-sh ]] && \
source $HOME/.keychain/$HOSTNAME-sh
[[ -f $HOME/.keychain/$HOSTNAME-sh-gpg ]] && \
source $HOME/.keychain/$HOSTNAME-sh-gpg
eval `keychain --eval id_rsa id_dsa 0123ABCD`

For other Bourne-compatible shells such as sh, you can use this in
.profile:
If you have trouble with that in csh:

keychain id_rsa id_dsa 0123ABCD
host=`uname -n`
[ -f $HOME/.keychain/$host-sh ] && \
. $HOME/.keychain/$host-sh
[ -f $HOME/.keychain/$host-sh-gpg ] && \
. $HOME/.keychain/$host-sh-gpg
setenv SHELL /bin/csh
eval `keychain --eval id_rsa id_dsa 0123ABCD`

This snippet would work in .login for tcsh:
This is equivalent for Bourne shells (including bash and zsh) but
doesn't use keychain's --eval feature:

keychain id_rsa id_dsa 0123ABCD
if (-f $HOME/.keychain/$HOST-csh) then
source $HOME/.keychain/$HOST-csh
endif
if (-f $HOME/.keychain/$HOST-csh-gpg) then
source $HOME/.keychain/$HOST-csh-gpg
endif
[ -z "$HOSTNAME" ] && HOSTNAME=`uname -n`
[ -f $HOME/.keychain/$HOSTNAME-sh ] && \
. $HOME/.keychain/$HOSTNAME-sh
[ -f $HOME/.keychain/$HOSTNAME-sh-gpg ] && \
. $HOME/.keychain/$HOSTNAME-sh-gpg

This snippet would work in .login for csh:
This is equivalent for C shell (including tcsh):

keychain id_rsa id_dsa 0123ABCD
host=`uname -n`
if (-f $HOME/.keychain/$host-csh) then
source $HOME/.keychain/$host-csh
endif
if (-f $HOME/.keychain/$host-csh-gpg) then
source $HOME/.keychain/$host-csh-gpg
endif
host=`uname -n`
if (-f $HOME/.keychain/$host-csh) then
source $HOME/.keychain/$host-csh
endif
if (-f $HOME/.keychain/$host-csh-gpg) then
source $HOME/.keychain/$host-csh-gpg
endif

To load keychain variables from a script (for example from cron) and
abort unless id_dsa is available:

# Load keychain variables and check for id_dsa
[ -z "$HOSTNAME" ] && HOSTNAME=`uname -n`
. $HOME/.keychain/$HOSTNAME-sh 2>/dev/null
ssh-add -l 2>/dev/null | grep -q id_dsa || exit 1

=head1 SEE ALSO

Expand Down
Loading

0 comments on commit 8a3a8d9

Please sign in to comment.