Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: "John Christian Stoddart (chiguire)" <chiguire@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] gentoo commit in xml/htdocs/proj/es/keychain: index.xml
Date: Mon, 26 Oct 2009 20:37:43
Message-Id: E1N2WJx-0000vn-36@stork.gentoo.org
1 chiguire 09/10/26 20:37:41
2
3 Added: index.xml
4 Log:
5 #290031, new spanish translation (jose maria alonso)
6
7 Revision Changes Path
8 1.1 xml/htdocs/proj/es/keychain/index.xml
9
10 file : http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/proj/es/keychain/index.xml?rev=1.1&view=markup
11 plain: http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/proj/es/keychain/index.xml?rev=1.1&content-type=text/plain
12
13 Index: index.xml
14 ===================================================================
15 <?xml version='1.0' encoding="utf-8"?>
16
17
18 <!-- $Header: /var/cvsroot/gentoo/xml/htdocs/proj/es/keychain/index.xml,v 1.1 2009/10/26 20:37:40 chiguire Exp $ -->
19 <!DOCTYPE guide SYSTEM "/dtd/guide.dtd">
20
21 <guide link="/proj/es/keychain.xml" lang="es">
22 <title>Keychain</title>
23
24 <author title="Autor original">
25 <mail link="drobbins@g.o">Daniel Robbins</mail>
26 </author>
27 <author title="Mantenedor actual">
28 <mail link="agriffis@×××××.net">Aron Griffis</mail>
29 </author>
30 <author title="Traductor">
31 <mail link="gentoo@××××××.org">José María Alonso</mail>
32 </author>
33
34 <abstract>
35 Esta página contiene información acerca de Keychain, una aplicación de
36 gestión de claves RSA/DSA OpenSSH y compatibles con SSH2 comercial.
37 </abstract>
38
39 <version>2.6.8</version>
40 <date>24 Oct 2006</date>
41
42 <chapter>
43 <title>Introducción</title>
44 <section>
45 <body>
46
47 <p>
48 Muchos de nosotros usamos el excelente <uri
49 link="http://www.openssh.com/">OpenSSH</uri> como un reemplazo seguro y
50 encriptado de los venerables comandos telnet y rsh. Una de las
51 características intrigantes de OpenSSH (y del SSH2 comercial) es su
52 habilidad para autenticar usuarios mediante los protocolos de autenticación
53 RSA y DSA que están basados en dos "claves" numéricas y
54 complementarias. Además, uno de los mayores atractivos de la autenticación
55 RSA y DSA es la promesa de ofrecer la capacidad de establecer conexiones con
56 sistemas remotos <e>sin necesidad de ofrecer una contraseña</e>. El script
57 <c>keychain</c> hace que el manejo de las claves RSA DSA sea a la vez
58 adecuado y seguro. Actúa como front-end de <c>ssh-agent</c>, permitiéndole
59 mantener en ejecución durante un largo periodo de tiempo un proceso
60 <c>ssh-agent</c> <e>para todo el sistema</e>, en lugar de tener uno para
61 cada sesión de login. Esto reduce dramáticamente el número de veces que
62 necesita introducir su clave de una, cada nueva sesión de login, a una
63 <e>cada vez que su máquina es reiniciada.</e>
64 </p>
65
66 <p>
67 <c>Keychain</c> fue presentado por primera vez en una serie de artículos de
68 <uri link="http://www.ibm.com/developerworks">IBM developerWorks</uri>. El
69 primer <uri
70 link="http://www-106.ibm.com/developerworks/linux/library/l-keyc.html">
71 artículo</uri> presenta una serie de conceptos detrás de la autenticación
72 RSA/DSA y le muestra como implantar una autenticación básica (con
73 contraseña). El <uri
74 link="http://www-106.ibm.com/developerworks/linux/library/l-keyc2/"> segundo
75 artículo</uri> le muestra como usar <c>keychain</c> para implantar un acceso
76 <c>ssh</c> <e>sin contraseña</e> de una forma muy adecuada. <c>keychain</c>
77 también ofrece una forma segura y limpia para que los trabajos <c>cron</c>
78 tomen las ventajas de las claves RSA/DSA keys sin necesidad de usar claves
79 inseguras, sin encriptar o privadas. <uri
80 link="http://www-106.ibm.com/developerworks/linux/library/l-keyc3/">El
81 tercer artículo</uri> le muestra como usar el mecanismo de reenvío de
82 autenticación de <c>ssh-agent</c>.
83 </p>
84
85 <p>
86 Las versiones actuales de <c>keychain</c> funcionan en Linux, BSD, <uri
87 link="http://cygwin.com/">Cygwin</uri>, <uri
88 link="http://h30097.www3.hp.com/">Tru64 UNIX</uri>, <uri
89 link="http://www.hp.com/products1/unix/operating/">HP-UX</uri>, <uri
90 link="http://www.apple.com/macosx/">Mac OS X</uri>, y <uri
91 link="http://wwws.sun.com/software/solaris/index.html">Solaris</uri> usando
92 la variante del Bourne shell que esté disponible en cada uno.
93 </p>
94
95 </body>
96 </section>
97 </chapter>
98
99 <chapter>
100 <title>Captura de pantalla</title>
101 <section>
102 <body>
103
104 <figure link="keychain-ss.png" caption="Keychain en acción" />
105 <p>
106 Arriba, agriffis ejecuta <c>keychain</c>, el cual ejecuta a su vez ssh-agent
107 y carga id_dsa. A continuación agriffis ejecuta un comando source de las
108 variables en el entorno y hace login en <c>dev.gentoo.org</c>. Normalmente
109 <c>keychain</c> (y la consiguiente carga del entorno) deberían ser
110 ejecutados desde los ficheros de inicialización del shell. Su invocación se
111 muestra aquí.
112 </p>
113
114 <figure link="keychain-ss2.png" caption="Más acciones de keychain" />
115 <p>
116 En esta ocasión cuando agriffis ejecuta <c>keychain</c>, se encuentra un
117 ssh-agent que está corriendo y éste es usado. No es necesario cargar id_dsa
118 por segunda vez. Ahora agriffis hace un comando source de las variables en
119 el entorno y hace login en <c>dev.gentoo.org</c>. De nuevo, <c>keychain</c>
120 (y la consiguiente carga del entorno) deberían ser ejecutados desde los
121 ficheros de inicialización del shell. Su invocación se muestra aquí.
122 </p>
123
124 </body>
125 </section>
126 </chapter>
127
128 <chapter>
129 <title>Descarga e instalación</title>
130 <section>
131 <title>Gentoo Linux</title>
132 <body>
133
134 <p>
135 La instalación en Gentoo es fácil, simplemente haga emerge. ¡Por supuesto!
136 </p>
137
138 <pre caption="Inicialización de keychain en Gentoo">
139 <comment>(Instalar keychain)</comment>
140 # emerge keychain -pv
141 # emerge keychain
142 <comment>(Leer la ayuda)</comment>
143 # keychain --help
144 </pre>
145
146 </body>
147 </section>
148 <section>
149 <title>Red Hat y otras distribuciones basadas en RPM</title>
150 <body>
151
152 <p>
153 Descargue último paquete rpm desde <uri
154 link="http://agriffis.n01se.net/keychain/"
155 >http://agriffis.n01se.net/keychain/</uri>. Después de descargarlo, ejecute
156 estos comandos (como root) para instalar la clave GPG pública usada para
157 firmar el RPM, entonces puede verificar el RPM e instalarlo:
158 </p>
159
160 <pre caption="Instalación del RPM de keychain">
161 <comment>(Obtenga la clave pública usada para firmar los rpms)</comment>
162 # <i>gpg --keyserver subkeys.pgp.net --recv-key 20104eb0</i>
163 <comment>(Verifique la huella dactilar del la clave obtenida)</comment>
164 # <i>gpg --fingerprint 20104eb0</i>
165 pub 1024D/20104EB0 2003-09-28 Aron Griffis &lt;agriffis@×××××.net&gt;
166 Key fingerprint = E3B6 8734 C2D6 B5E5 AE76 FB3A 26B1 C5E3 2010 4EB0
167 sub 1024g/A2D963E7 2003-09-28
168 <comment>(Importe la clave al anillo de claves de rpm)</comment>
169 # <i>gpg --export --armor 20104eb0 &gt; /tmp/20104eb0.pub</i>
170 # <i>rpm --import /tmp/20104eb0.pub</i>
171 # <i>rm /tmp/20104eb0.pub</i>
172 <comment>(Compruebe el rpm; tamto el md5 como el gpg deberían ser correctos) </comment>
173 # <i>rpm -K keychain-2.6.8-1.noarch.rpm</i>
174 <comment>(Instale el rpm)</comment>
175 # <i>rpm -Uvh keychain-2.6.8-1.noarch.rpm</i>
176 </pre>
177
178 <note>
179 Si su cortaguegos bloquea las conexiones GPG al servidor de claves, puede
180 instalar la clave GPG manualmente ejecutando <c>wget -O -
181 http://agriffis.n01se.net/gpg-pubkey-20104eb0.asc | gpg --import</c>
182 </note>
183
184 <p>
185 Finalmente, con un usuario normal, ejecute <c>keychain --help</c> para las
186 instrucciones de configuración.
187 </p>
188
189 </body>
190 </section>
191 <section>
192 <title>Fuentes</title>
193 <body>
194
195 <p>
196 Se pueden encontrar tarballs de <c>keychain</c> en <uri
197 link="http://agriffis.n01se.net/keychain/"
198 >http://agriffis.n01se.net/keychain/</uri>.
199 </p>
200
201 </body>
202 </section>
203 </chapter>
204
205 <chapter>
206 <title>Registro de cambios</title>
207 <section>
208 <body>
209
210 <pre caption="Registro de cambios de keychain">
211 <!-- begin automatic ChangeLog insertion
212 end automatic ChangeLog insertion -->
213 * keychain 2.6.8 (24 Oct 2006)
214
215 24 Oct 2006; Aron Griffis &lt;agriffis@g.o&gt;:
216 Save LC_ALL for gpg invocation so that pinentry-curses works. This affected
217 peper and kloeri, though it seems to work for me in any case.
218
219 * keychain 2.6.7 (24 Oct 2006)
220
221 24 Oct 2006; Aron Griffis &lt;agriffis@g.o&gt;:
222 Prevent gpg_listmissing from accidentally loading keys
223
224 * keychain 2.6.6 (08 Sep 2006)
225
226 08 Sep 2006; Aron Griffis &lt;agriffis@g.o&gt;:
227 Make --lockwait -1 mean forever. Previously 0 meant forever but was
228 undocumented. Add more locking regression tests #137981
229
230 * keychain 2.6.5 (08 Sep 2006)
231
232 08 Sep 2006; Aron Griffis &lt;agriffis@g.o&gt;:
233 Break out of loop when empty lockfile can't be removed #127471. Add locking
234 regression tests:
235 100_lock_stale 101_lock_held 102_lock_empty 103_lock_empty_cant_remove
236
237 * keychain 2.6.4 (08 Sep 2006)
238
239 08 Sep 2006; Aron Griffis &lt;agriffis@g.o&gt;:
240 Add validinherit function so that validity of SSH_AUTH_SOCK and friends can be
241 validated from startagent rather than up front. The advantage is that warning
242 messages aren't emitted unnecessarily when --inherit *-once.
243 Fix --eval for fish, and add new testcases:
244 053_start_with_--eval_ksh
245 054_start_with_--eval_fish
246 055_start_with_--eval_csh
247
248 * keychain 2.6.3 (07 Sep 2006)
249
250 07 Sep 2006; Aron Griffis &lt;agriffis@g.o&gt;:
251 Support fish: http://roo.no-ip.org/fish/
252 Thanks to Ilkka Poutanen for the patch.
253
254 * keychain 2.6.2 (20 Mar 2006)
255
256 20 Mar 2006; Aron Griffis &lt;agriffis@g.o&gt;:
257 Add --confirm option and corresponding regression tests for Debian bug 296382.
258 Thanks to Liyang HU for the patch. Also add initialization for $ssh_timeout
259 which was being inherited from the environment and add regression tests for
260 --timeout
261
262 * keychain 2.6.1 (10 Oct 2005)
263
264 10 Oct 2005; Aron Griffis &lt;agriffis@g.o&gt;:
265 Change "unset evalopt" to "evalopt=false" and run through *all* the regression
266 tests instead of just the new ones. *sigh*
267
268 * keychain 2.6.0 (10 Oct 2005)
269
270 10 Oct 2005; Aron Griffis &lt;agriffis@g.o&gt;:
271 Add the --eval option which makes keychain startup easier. See the man-page
272 for examples. Get rid of the release notes from README, so now this file is
273 where changes are tracked.
274
275 * keychain 2.5.5 (28 Jul 2005)
276
277 28 Jul 2005; Aron Griffis &lt;agriffis@g.o&gt;:
278 Add the --env option and automatic reading of .keychain/env. This allows
279 variables such as PATH to be overridden for peculiar environments
280
281 * keychain 2.5.4.1 (11 May 2005)
282
283 11 May 2005; Aron Griffis &lt;agriffis@g.o&gt;:
284 A minor bug in 2.5.4 resulted in always exiting with non-zero status. Change
285 back to the correct behavior of zero for success, non-zero for failure
286
287 * keychain 2.5.4 (11 May 2005)
288
289 11 May 2005; Aron Griffis &lt;agriffis@g.o&gt;:
290 Fix bug 92316: If any locale variables are set, override them with LC_ALL=C.
291 This fixes a multibyte issue with awk that could keep a running ssh-agent from
292 being found.
293 Fix bug 87340: Use files instead of symlinks for locking, since symlink
294 creation is not atomic on cygwin.
295
296 * keychain 2.5.3.1 (10 Mar 2005)
297
298 10 Mar 2005; Aron Griffis &lt;agriffis@g.o&gt;:
299 Fix problem introduced in 2.5.3 wrt adding gpg keys to the agent. Thanks
300 to Azarah for spotting it.
301
302 * keychain 2.5.3 (09 Mar 2005)
303
304 09 Mar 2005; Aron Griffis &lt;agriffis@g.o&gt;:
305 Improve handling of DISPLAY by unsetting if blank. Call gpg with
306 --use-agent explicitly.
307
308 * keychain 2.5.2 (06 Mar 2005)
309
310 06 Mar 2005; Aron Griffis &lt;agriffis@g.o&gt;:
311 Fix bug 78974 "keychain errors on Big/IP (x86 BSD variant)" by refraining
312 from using ! in conditional expressions. Fix RSA fingerprint extraction
313 on Solaris, reported in email by Travis Fitch. Use $HOSTNAME when
314 possible instead of calling uname -n to improve bash_profile
315 compatibility.
316
317 * keychain 2.5.1 (12 Jan 2005)
318
319 12 Jan 2005; Aron Griffis &lt;agriffis@g.o&gt;:
320 Don't accidentally inherit a forwarded agent when
321 inheritwhich=local-once. Move the --stop warning after the version
322 splash.
323
324 * keychain 2.5.0 (07 Jan 2005)
325
326 07 Jan 2005; Aron Griffis &lt;agriffis@g.o&gt;:
327 Add inheritance support via --inherit. Add parameters to --stop for
328 more control. Change the default behavior of keychain to inherit if
329 there's no keychain agent running ("--inherit local-once"), and
330 refrain from killing other agents unless "--stop others" is
331 specified.
332
333 * keychain 2.4.3 (17 Nov 2004)
334
335 17 Nov 2004; Aron Griffis &lt;agriffis@g.o&gt;:
336 Fix bug 69879: Update findpids to work again on BSD; it has been
337 broken since the changes in version 2.4.2. Now we use OSTYPE (bash)
338 or uname to determine the system type and call ps appropriately.
339
340 * keychain 2.4.2.1 (30 Sep 2004)
341
342 30 Sep 2004; Aron Griffis &lt;agriffis@g.o&gt;:
343 Fix minor issues in the test for existing gpg keys wrt DISPLAY
344
345 * keychain 2.4.2 (29 Sep 2004)
346
347 29 Sep 2004; Aron Griffis &lt;agriffis@g.o&gt;:
348 Make gpg support more complete. Allow adding keys, clearing the
349 agent, etc. Fix --quick support to work properly again; it was
350 broken since 2.4.0. Change default --attempts to 1 since the progs
351 ask multiple times anyway.
352
353 * keychain 2.4.1 (22 Sep 2004)
354
355 22 Sep 2004; Aron Griffis &lt;agriffis@g.o&gt;:
356 Fix bugs 64174 and 64178; support Sun SSH, which is really OpenSSH
357 in disguise and a few critical outputs changed. Thanks to Nathan
358 Bardsley for lots of help debugging on Solaris 9
359
360 15 Sep 2004; Aron Griffis &lt;agriffis@g.o&gt;:
361 Fix pod2man output so it formats properly on SGI systems. Thanks to
362 Matthew Moore for reporting the problem.
363
364 * keychain 2.4.0 (09 Sep 2004)
365
366 09 Sep 2004; Aron Griffis &lt;agriffis@g.o&gt;:
367 Fix bug 26970 with first pass at gpg-agent support
368
369 Fix Debian bug 269722; don't filter output of ssh-add
370
371 Fix bug reported by Marko Myllynen regarding keychain and Solaris
372 awk's inability to process -F'[ :]'
373
374 Fix bug in now_seconds calculation, noticed by me.
375
376 * keychain 2.3.5 (28 Jul 2004)
377
378 28 Jul 2004; Aron Griffis &lt;agriffis@g.o&gt;:
379 Fix bug 58623 with patch from Daniel Westermann-Clark; don't put an
380 extra newline in the output of listmissing
381
382 Generate keychain.spec from keychain.spec.in automatically so that
383 the version can be set appropriately.
384
385 * keychain 2.3.4 (24 Jul 2004)
386
387 24 Jul 2004; Aron Griffis &lt;agriffis@g.o&gt;:
388 Fix bug 28599 reported by Bruno Pelaia; ignore defunct processes in
389 ps output
390
391 * keychain 2.3.3 (30 Jun 2004)
392
393 30 Jun 2004; Aron Griffis &lt;agriffis@g.o&gt;:
394 Fix bug reported by Matthew S. Moore in email; escape the backticks
395 in --help output
396
397 Fix bug reported by Herbie Ong in email; set pidf, cshpidf and lockf
398 variables after parsing command-line to honor --dir setting
399
400 Fix bug reported by Stephan Stahl in email; make spaces in filenames
401 work throughout keychain, even in pure Bourne shell
402
403 Fix operation on HP-UX with older OpenSSH by interpreting output of
404 ssh-add as well as the error status
405
406 * keychain 2.3.2 (16 Jun 2004)
407
408 16 Jun 2004; Aron Griffis &lt;agriffis@g.o&gt;:
409 Fix bug 53837 (keychain needs ssh-askpass) by unsetting SSH_ASKPASS
410 when --nogui is specified
411
412 * keychain 2.3.1 (03 Jun 2004)
413
414 03 Jun 2004; Aron Griffis &lt;agriffis@g.o&gt;:
415 Fix bug 52874: problems when the user is running csh
416
417 * keychain 2.3.0 (14 May 2004)
418
419 14 May 2004; Aron Griffis &lt;agriffis@g.o&gt;:
420 Rewrite the locking code to avoid procmail
421
422 * keychain 2.2.2 (03 May 2004)
423
424 03 May 2004; Aron Griffis &lt;agriffis@g.o&gt;:
425 Call loadagent prior to generating HOSTNAME-csh file so that
426 variables are set.
427
428 * keychain 2.2.1 (27 Apr 2004)
429
430 27 Apr 2004; Aron Griffis &lt;agriffis@g.o&gt;:
431 Find running ssh-agent processes by searching for /[s]sh-agen/
432 instead of /[s]sh-agent/ for the sake of Solaris, which cuts off ps
433 -u output at 8 characters. Thanks to Clay England for reporting the
434 problem and testing the fix.
435
436 * keychain 2.2.0 (21 Apr 2004)
437
438 21 Apr 2004; Aron Griffis &lt;agriffis@g.o&gt;:
439 Rewrote most of the code, organized into functions, fixed speed
440 issues involving ps, fixed compatibility issues for various UNIXes,
441 hopefully didn't introduce too many bugs. This version has a
442 --quick option (for me) and a --timeout option (for carpaski).
443
444 Also added a Makefile and converted the man-page to pod for easier
445 editing. See perlpod(1) for information on the format. Note that
446 the pod is sucked into keychain and colorized when you run make.
447
448 * keychain 2.0.3 (06 Apr 2003)
449
450 06 Apr 2003; Seth Chandler &lt;sethbc@g.o&gt;:
451 Added keychain man page, fixed bugs with displaying colors for keychain
452 --help. Also added a $grepopts to fix the grepping for a pid on cygwin
453 Also added a TODO document
454 color fix based on submission by Luke Holden &lt;email@×××××××××.org&gt;
455
456 * keychain 2.0.2 (26 Aug 2002)
457
458 26 Aug 2002; the Tru64 fix didn't work; it was being caused by "trap - foo"
459 rather than "tail +2 -". Now really fixed.
460
461 26 Aug 2002; fixed "ssh-add" call to only redirect stdin (thus enabling
462 ssh-askpass) if ssh_askpass happens to be set; this is to work around a bug
463 in openssh were redirecting stdin will enable ssh-askpass even if ssh_askpass
464 isn't set, which contradicts the openssh 3.4_p1 man page. to enable
465 ssh-askpass, keychain now requires that the ssh_askpass var be set to point
466 to your askpass program.
467
468 * keychain 2.0.1 (24 Aug 2002)
469
470 24 Aug 2002; "--help" fixes; the keychain files were listed as sh-${HOSTNAME}
471 rather than ${HOSTNAME}-sh. Now consistent with the actual program. Thanks to
472 Christian Plessl &lt;plessl@×××××××××××.ch&gt;, others for reporting this issue.
473
474 24 Aug 2002; cycloon &lt;cycloon@××××××××.org&gt;: "If you add &lt; /dev/null when
475 adding the missingkeys via "ssh-add ${missingkeys}" (at line 454 of version
476 2.0) so that it reads: "ssh-add ${missingkeys} &lt; /dev/null" then users can
477 use program like x11-ssh-askpass in xfree to type in their passphrase. It
478 then still works for users on shell, depending if $DISPLAY is set." Added.
479
480 24 Aug 2002; A fix to calling "tail" that *should* fix things for Tru64 Unix;
481 unfortunately, I have no way to test but the solution should be portable to
482 all other flavors of systems. Thanks to Mark Scarborough
483 &lt;Mark.Scarborough@×××××××××.com&gt; for reporting the issue.
484
485 24 Aug 2002; Changed around the psopts detection stuff so that "-x -u $me f"
486 is used; this is needed on MacOS X. Thanks to Brian Bergstrand
487 &lt;brian@×××××××××××××××.net&gt;, others for reporting this issue.
488
489 * keychain 2.0 (17 Aug 2002)
490
491 17 Aug 2002; (Many submitters): A fix for keychain when running on HP-UX
492 10.20.
493
494 17 Aug 2002; Patrice DUMAS - DOCT &lt;dumas@××××××××××××.fr&gt;: Now perform help
495 early on to avoid unnecessary processing. Also added --dir option to allow
496 keychain to look in an alternate location for the .keychain directory (use
497 like this: "keychain --dir /var/foo")
498
499 17 Aug 2002; Martial MICHEL &lt;martial@×××××××××××××××××.net&gt;: Martial also
500 suggested moving help processing to earlier in the script. He also submitted
501 a patch to place .ssh-agent-* files in a ~/.keychain/ directory, which makes
502 sense particularly for NFS users so I integrated the concept into the code.
503
504 17 Aug 2002; Fred Carter &lt;fred.carter@××××××××××.com&gt;: Cygwin fix to use
505 proper "ps" options.
506
507 17 Aug 2002; Adrian Howard &lt;adrianh@××××××××××.com&gt;: patch so that lockfile
508 gets removed even if --noask is specified.
509
510 17 Aug 2002; Mario Wolff &lt;wolff@××××××××××.de&gt;: Replaced an awk dependency
511 with a shell construct for improved performance.
512
513 17 Aug 2002; Marcus Stoegbauer &lt;marcus@×××××.org&gt;, Dmitry Frolov
514 &lt;frolov@××××××××××××.ru&gt;: I (Daniel Robbins) solved problems reported by
515 Marcus and Dmitry (mis-parsed command line issues) by following Dmitry's good
516 suggestion of performing argument parsing all at once at the top of the
517 script.
518
519 17 Aug 2002; Brian W. Curry &lt;truth@××××××××××.net&gt;: Added commercial SSH2
520 client support; improved output readability by initializing myfail=0;
521 integrated Cygwin support into the main keychain script; improved Cygwin
522 support by setting "trap" appropriately. Thanks Brian!
523
524 * keychain 1.9 (04 Mar 2002)
525
526 04 Mar 2002; changed license from "GPL, v2 or later" to "GPL v2".
527
528 04 Mar 2002; added "keychain.cygwin" for Cygwin systems. It may be time to
529 follow this pattern and start building separate, optimized scripts for each
530 platform so they don't get too sluggish. Maybe I could use a C preprocessor
531 for this.
532
533 06 Dec 2001; several people: Solaris doesn't like '-e' comparisons; switched
534 to '-f'
535
536 * keychain 1.8 (29 Nov 2001)
537
538 29 Nov 2001; Philip Hallstrom (philip@×××××××××××××.com) Added a "--local"
539 option for removing the ${HOSTNAME} from the various files that keychain
540 creates. Handy for non-NFS users.
541
542 29 Nov 2001; Aron Griffis (agriffis@g.o) Using the Bourne shell "type"
543 builtin rather than using the external "which" command. Should make things a
544 lot more robust and slightly faster.
545
546 09 Nov 2001; Mike Briseno (mike@×××××.com) Solaris' "which" command outputs
547 "no lockfile in..." to stdout rather than stderr. A one-line fix (test the
548 error condition) has been applied.
549
550 09 Nov 2001; lockfile settings tweak
551
552 09 Nov 2001; Rewrote how keychain detects failed passphrase attempts. If you
553 stop making progress providing valid passphrases, it's three strikes and
554 you're out.
555
556 09 Nov 2001; Constantine P. Sapuntzakis (csapuntz@××××××××.edu) Some private
557 keys can't be "ssh-keygen -l -f"'d; this patch causes keychain to look for
558 the corresponding public key if the private key doesn't work. Thanks
559 Constantine!
560
561 09 Nov 2001; Victor Leitman (vleitman@×××××.com) CYAN color misdefined;
562 fixed.
563
564 27 Oct 2001; Brian Wellington (bwelling@×××××.org) A "quiet mode" (--quiet)
565 fix; I missed an "echo".
566
567 27 Oct 2001; J.A. Neitzel (jan@××××××××.org) Missed another "kill -9"; it's
568 now gone.
569
570 * keychain 1.7 (21 Oct 2001)
571
572 21 Oct 2001; Frederic Gobry (frederic.gobry@×××××××××.ch) Frederic suggested
573 using procmail's lockfile to serialize the execution of critical parts of
574 keychain, thus avoiding multiple ssh-agent processes being started if you
575 happen to have multiple xterms open automatically when you log in.
576 Initially, I didn't think I could add this, since systems may not have the
577 lockfile command; however, keychain will now auto-detect whether lockfile is
578 installed; if it is, keychain will automatically use it, thus preventing
579 multiple ssh-agent processes from being spawned.
580
581 21 Oct 2001; Raymond Wu (ursus@×××.net): --nocolor test is no longer inside
582 the test for whether "echo -e" works. According to Raymond, this works
583 optimally on his Solaris box.
584
585 21 Oct 2001; J.A. Neitzel (jan@××××××××.org): No longer "kill -9" our
586 ssh-agent processes. SIGTERM should be sufficient and will allow ssh-agent to
587 clean up after itself (this reverses a previously-applied patch).
588
589 21 Oct 2001; Thomas Finneid (tfinneid@××××××.no): Added argument "--quiet |
590 -q" to make the program less intrusive to the user; with it, only error and
591 interactive messages will appear.
592
593 21 Oct 2001; Thomas Finneid (tfinneid@××××××.no): Changed the format of some
594 arguments to bring them more in line with common *nix programs: added "-h" as
595 alias for "--help"; added "-k" as alias for "--stop"
596
597 21 Oct 2001; Mark Stosberg (mark@×××××××××××.com): $pidf to "$pidf" fixes to
598 allow keychain to work with paths that include spaces (for Darwin and MacOS X
599 in particular).
600
601 21 Oct 2001; Jonathan Wakely (redi@××××××××××××.net): Small patch to convert
602 "echo -n -e" to "echo -e "\c"" for FreeBSD compatibility.
603
604 * keychain 1.6 (15 Oct 2001)
605
606 13 Oct 2001; Ralf Horstmann (ralf.horstmann@×××××××××.com): Add /usr/ucb to
607 path for Solaris systems.
608
609 11 Oct 2001; Idea from Joe Reid (jreid@××××.net): Try to add multiple keys
610 using ssh-add; avoid typing in identical passphrases more than once. Good
611 idea!
612
613 *keychain 1.5 (21 Sep 2001)
614
615 21 Sep 2001; David Hull (hull@×××××××.com): misc. compatibility, signal
616 handling, cleanup fixes
617
618 21 Sep 2001; "ps" test to find the right one for your OS.
619
620 20 Sep 2001; Marko Myllynen (myllynen@×××.fi): "grep [s]sh-agent" to "grep
621 [s]sh-agent" (zsh fix)
622
623 *keychain 1.4 (20 Sep 2001)
624
625 20 Sep 2001; David Hull (hull@×××××××.com): "touch $foo" to "&gt;$foo"
626 optimization and other "don't fork" fixes. Converted ${foo#--} to a case
627 statement for Solaris sh compatibility.
628
629 20 Sep 2001; Try an alternate "ps" syntax if our default one fails. This
630 should give us Solaris and IRIX (sysV) compatibility without breaking BSD.
631
632 20 Sep 2001; Hans Peter Verne (h.p.verne@××××××××.no); "echo -e" to "echo $E"
633 (for IRIX compatibility with --nocolor), optimization of grep ("grep
634 [s]sh-agent")
635
636 17 Sep 2001; Marko Myllynen (myllynen@×××.fi): Various fixes: trap signal 2
637 if signal INT not supported (NetBSD); handle invalid keys correctly; ancient
638 version of ash didn't support ~, so using $HOME; correct zsh instruction;
639 minor cleanups
640
641 *keychain 1.3 (12 Sep 2001)
642
643 12 Sep 2001; Minor color changes; the cyan was hard to read on xterm-colored
644 terms so it was switched to bold. Additional --help text added.
645
646 10 Sep 2001; We now use .ssh-agent-[hostname] instead of .ssh-agent. We now
647 create a .ssh-agent-csh-[hostname] file that can be sourced by csh-compatible
648 shells. We also now kill all our existing ssh-agent processes before
649 starting a new one.
650
651 10 Sep 2001; Robert R. Wal (rrw@××××.pl): Very nice NFS fixes, colorization
652 fixes, tcsh redirect -&gt; grep -v fix. Thanks go out to others who sent me
653 similar patches.
654
655 10 Sep 2001; Johann Visagie (johann@×××××××××.com): "source" to "."
656 shell-compatibility fixes. Thanks for the FreeBSD port.
657
658 10 Sep 2001; Marko Myllynen (myllynen@×××.fi): rm -f $pidf after stopping
659 ssh-agent fix
660
661 *keychain 1.2
662
663 09 Sep 2001; README updates to reflect new changes.
664
665 09 Sep 2001; Marko Myllynen (myllynen@×××.fi): bash 1/zsh/sh compatibility;
666 now only tries to kill *your* ssh-agent processes, version fix, .ssh-agent
667 file creation error detection. Thanks!
668
669 *keychain 1.1; fixes for calling "pidof"; README; ChangeLog
670
671 07 Sep 2001; Addition of README stating that keychain requires bash 2.0 or
672 greater, as well as quick install directions and web URL.
673
674 07 Sep 2001; Explicitly added /sbin and /usr/sbin to path, and then called
675 "pidof". I think that this is a bit more robust.
676
677 06 Sep 2001; from John Ellson (ellson@××××××.com): "pidof" changed to
678 "/sbin/pidof", since it's probably not in $PATH
679
680 06 Sep 2001; New ChangeLog! :)
681
682 *keychain 1.0; initial release (Aug 2001)
683
684 </pre>
685
686 </body>
687 </section>
688 </chapter>
689 </guide>
Report Message
Find on MARC Find on Google Groups