Skip to main content

Meerkat caching passwords?

8 replies [Last post]
tuckergperry
User offline. Last seen 21 weeks 1 hour ago. Offline
Joined: 09/29/2009

I'd like Meerkat to ask me for the tunnel password every time I establish the tunnel, but recently, it seems to have started keeping the password cached. It isn't saved in the keychain, but MK is successfully establishing a tunnel without my reentering the password. I believe this started with the update to 1.2.2, but I could be mistaken. Is there any way to change this behavior?

thanks!

Meerkat 1.2.2
OS 10.6.1

0
Justin
Justin's picture
User offline. Last seen 6 days 21 hours ago. Offline
Joined: 05/28/2008
Hmm, what is the setting

Hmm, what is the setting under Advanced > Security > Ask keychain for passwords on every use? That should apply only to passwords actually saved in the keychain, but worth check.

I will definitely investigate, though.

tuckergperry
User offline. Last seen 21 weeks 1 hour ago. Offline
Joined: 09/29/2009
"Ask keychain for

"Ask keychain for passwords..." is unchecked. I'm using password protected shared keys, if that makes a difference. I've also just noticed that I can quit Meerkat and relaunch it, and it will still remember the password. Perhaps the issue is in ssh itself.

EDIT: This seems to shed some light. Looks like it is a Snow Leopard issue.
http://discussions.apple.com/thread.jspa?messageID=10265013

Justin
Justin's picture
User offline. Last seen 6 days 21 hours ago. Offline
Joined: 05/28/2008
Ah, that makes sense. With

Ah, that makes sense. With passphrase-protected keys, ssh-agent will be responsible for the ask & cache (I think the prompt you see, if ever, will have a Terminal icon?) and Meerkat isn't even consulted.

Thanks for the heads up, though -- I'll keep that issue on my radar.

tuckergperry
User offline. Last seen 21 weeks 1 hour ago. Offline
Joined: 09/29/2009
Fix found!

There is a hint here that explains how to set a time-to-live for how long ssh-agent caches your passkey. In case that page disappears, here's what to do:

Edit the /System/Library/LaunchAgents/org.openbsd.ssh-agent.plist plist, replacing these four lines:

<array>
<string>/usr/bin/ssh-agent</string>
<string>-l</string>
</array>

With this:

<array>
<string>/usr/bin/ssh-agent</string>
<string>-l</string>
<string>-t</string>
<string>120</string>
</array>

Where 120 is how long you want the passphrase cached in seconds.

Justin
Justin's picture
User offline. Last seen 6 days 21 hours ago. Offline
Joined: 05/28/2008
Thanks for this!

Thanks for this!

tuckergperry
User offline. Last seen 21 weeks 1 hour ago. Offline
Joined: 09/29/2009
I was excited to find it. The

I was excited to find it. The only downer is that my tunnel is often closed due to inactivity (I'll close the vnc connection, but forget the tunnel), and Meerkat will then prompt me for my passphrase again instead of just closing until I go and close it manually. A side-effect of the new auto-reconnect feature.

Justin
Justin's picture
User offline. Last seen 6 days 21 hours ago. Offline
Joined: 05/28/2008
Depending upon what you are

Depending upon what you are using for VNC, you may be able to use that app as a trigger for the tunnel, which means Meerkat will close the tunnel when you quit the program. Any regular OS X app will work for this, and if you are using a command-line invocation or something, you could build an AppleScript app bundle out of it to use it as an application for this purpose.

tuckergperry
User offline. Last seen 21 weeks 1 hour ago. Offline
Joined: 09/29/2009
Great idea. Unfortunately, in

Great idea. Unfortunately, in my case I use ARD. I set the tunnel to connect to my home machine from time to time, but I rarely quit ARD since I use it to connect to other local machines all day.

Either way, it isn't a difficult problem for me to fix.

Want to join the forums? Create an account or login.