[new] keychain [ssh-keys manager]

Similar Messages

• SCP, SSH and SFTP in CMD / File-Explorer and SSH key management with Windows Credential Manger

  Please add SSH, SFTP and SCP in CMD and File Explorer.
  Also, allow us to copy to FTP in File Explorer.
  Would be nice to have the SSH credentials managed by Windows Credentials Manager.

  Even with the RHEL firewall completely disabled, it has the same upper limit. SCP between the Solaris systems, with ipfilter running on both systems and both systems on completely different networks, is not a problem. Between Solaris and RHEL, same network but different subnet, RHEL with no firewall running (only while troubleshooting this, don't panic), still a problem. Using PuTTY SFTP from/to any of the systems is fine, even though on different networks. The mtu on the RHEL was the same as the Solaris systems (1500) - changing values on the RHEL increased the upper limit but still hit a ceiling. Only have one RHEL system so I can't see whether RHEL-RHEL transfers are affected, only those between Solaris, PuTTY on Windows, and the one RHEL system.

• Keychain passwords broken after setting up a SSH key

  I am a web developer running Coda 2.0.11 on OSX 10.8.5 (not Mavericks yet), and I recently set up a site to use public/private RSA SSH keys with Media Temple. Getting that to work was a pain, but it works well. 
  For the unfamiliar, you create a key pair with Terminal – one is private, one is public. You set the public key up on the server, and configure an App like Coda to use the private key to authenticate the SFTP connection. The two keys also share a password, and Coda stores that password in the Keychain as well. 
  The problem:
  That site (with the key pairs) is now the only one I can connect to. I have 40 or more sites that mostly use SFTP (some use FTP) and I save the passwords with each of the site connection settings. Coda uses the Mac Keychain to store the passwords. Some of the sites show a saved password, some don't. Either way, if I enter the passwords again, Coda tells me that the username and password were rejected by the server.
  There are a handful of sites that I can still connect to with Transmit (another Panic product), but even some of those no longer work when I KNOW the username/password combination is correct. Similarly, I can not connect to sites using Navicat (for MySQL database management, not a Panic product) and I know I was able to connect up until very recently, which makes me think this is a Keychain issue.
  The sites that I can not connect to are on Media Temple, Modwest, Dreamhost, and another local hosting company, so that rules out an issue with the hosting provider.
  I ran Keychain First Aid and even Repaired Disk Permissions with the Disk Utility with no improvement.
  Short of scrapping my keychain and starting over again, does anyone out there have any advice or is there a Coda bug at work in here somewhere?
  Thanks.

  A more tech-minded friend of mine reminded me that I also created a 'config' file inside the ~/.ssh directory to point to the new key that I created. The tutorial online on how to do this neglected to mention that the new config settings need to be scoped to the one site you need it for, otherwise all other keychain users will be pointed at the same settings...
  So while the content of my config file were this:
  HostName www.sample.com
  User username
  IdentityFile ~/.ssh/key_name
  Port 2222
  It should be scoped to one site. Simply adding an additional parameter and indenting the settings below that did the trick.
  Host uniquename
            HostName www.sample.com
            User username
            IdentityFile ~/.ssh/key_name
            Port 2222
  So I will leave this here in case anyone else encounters the same problem.

• Can OpsCenter act as configuration managment? (keep server ssh keys for rebuild)

  I'm very new to OpsCentre. Can it act as a sort of configuration managment tool, eg keeping ssh keys (or other host-particular config files) of a server, so in case the server is (or has to be - Disaster Recovery) be rebuilt, the old ssh keys can be restored on it by OpsCentre as is it is re-built (re-provisioned, I guess is how they call it).
  Very grateful for advice!

  Enterprise Manager (EM) Ops Center (OC) is not a Configuration Management(CM) tool. Ops Center is a "end-to-end" infrastructural System Management tool (not restore a previous configuration). It's covered all task of management infrastructure (Oracle) stack. Read a welcome message of EM OC Doc Library.
  IHMO: A good Configuration Management and Change Management tool is CFengine 3 or Puppet.
  HTH
  Michele V.
  If you want, mark the reply as “Helpful Answer“ or “Correct Answer”. By marking replies correct or helpful, you make it easier for community members to find replies that might help them in a similar situation

• Ssh client with key management

  hi,
  i search of a ssh client with rsa/dsa key management, and i can't find one
  thanks
  C

  Not sure precisely if this is what you're looking for, but Fugu
  http://rsug.itd.umich.edu/software/fugu/
  seems to be a pretty effective SSH client, with graphical interface.
  Does running shh from the Terminal (command line) do what you need?

• [SOLVED] a problem with gpg-agent and ssh keys

  I'm baffled by a strangle problem:
  My setup is as follows: I use gpg-agent with --enable-ssh-support, so that my ssh keys are handled by it. All was fine (when I ssh'ed to another machine, a pinentry window popped up, asked for a password, and if I entered the correct one, gpg-agent would decrypt its copy of my private ssh key and use it for identification). But: I needed to change my ssh key, and so I generated a new one. Next, I ssh-add'ed it to gpg-agent (one password to decrypt the private key, then twice another password for gpg-agent). I uploaded the public key to a server. The setup should be complete.
  The problem is that when I ssh to a machine, a pinentry window comes up, but it does not accept my password (the one that I entered twice when ssh-add'ing the key). I tried adding with various different passwords (always deleting ~/.gnupg/private-keys-v1.d/*, since 'ssh-add -d ~/.ssh/id_rsa.pub' would not work for some reason - it would not make gpg-agent forget the key), different pinentry programs ( -qt4, -gtk-2, -curses), and still the same problems. Pinentry itself seems to work fine, since if I enter two different things when it asks for a new passphrase for the key, it detects that there's a problem.
  So, can anyone help? What could I try (please don't post just to say that I could/should use ssh-agent, or keychain, or anything else. I have used various things, and I like this setup the most. It worked before, and I would like to find out why it stopped working and how to get it back to speed.)
  Thanks.
  Last edited by bender02 (2010-02-15 09:52:54)

  Thats a known bug with the new gpg version.
  http://lists.gnupg.org/pipermail/gnupg- … 38045.html
  You could use an older version of gpg or use a development version.

• How to unlock ssh keys with lxde

  I'm running a minimal setup with lxde.  What manages ssh keys under lxde?  I want to have my user's key unlocked when logged in so I can ssh and scp at will.
  Thanks!

  I have faced the same issue (with a WM like fluxbox/openbox, not LXDE).. There is no specific program that manages ssh keys in LXDE.
  From my research, there are 3 possible solutions -
  1) You can start the gnome-keyring (or is that seahorse) in LXDE (or any WM). This can manage your ssh keys
  2) You can generate a new ssh key with empty passphrase.. That way, you will not be asked for passphrase everytime.. This is what I use.. Very simple to configure and use.. Note: The private key will be stored unencrypted on the disk if the passphrase is empty. It may be a security concern
  3) Use "ssh-agent" and "ssh-add" command to remember the passphrase after you type it once..
  You can use the snippet below:
  $ eval `ssh-agent`
  $ ssh-add [optional ssh private file if not ~/.ssh/id_rsa]
  <enter passphrase>
  More detailed configuration here - http://www.mtu.net/~engstrom/ssh-agent.php
  Once you have done a ssh-add, the next time you can just start ssh-agent in the background. You can spawn an ssh-agent process when starting your X session.

• Not possible to open/create a new connection within BT manager on Satellite M40

  Bluetooh manager is open and present in system bar.
  However it is never possible to open/create a new connection within bluetooth manager as it always say "bluetooh is not ready". Troubleshooting is required but no clear indication is available; button for wireless link is active and I am able to have wifi internet access at the same time.
  It is never possible to open access to a PDA or mobile phone for file transfer through bluetooth.
  Do i have to reload completely the bluetooth stack or is there another way to troubleshoot the bluetooh system?
  Thanks you for replying if possible.

  Remove the Bluetooth Monitor software if it is installed. Download the latest BT-stack v5.10.06 here:
  http://aps.toshiba-tro.de/bluetooth/redirect.php?page=pages/download.php
  and install it. Ensure that the wireless switch is turned on and the suitable antenna is selected.
  Press Fn+F8 key to select BT antenna. Selection menu only appears if WLAN and BT is inside.
  Read the following if you should still have some problems:
  http://aps.toshiba-tro.de/bluetooth/redirect.php?page=pages/faq/bluetoothnotworking.html

• How do I create a new emkey for Enterprise Manager Database Control?

  Hi,
  I just installed 11gR2.
  I am evaluating it.
  How do I create a new emkey for Enterprise Manager Database Control?
  I tried various combinations of this command:
  emctl config emkey
  I did find a probable bug:
  $ emctl config emkey -emkey -emkeyfile emkey.ora -force -sysman_pwd he11ow0rld
  Oracle Enterprise Manager 11g Database Control Release 11.2.0.1.0
  Copyright (c) 1996, 2009 Oracle Corporation. All rights reserved.
  Undefined subroutine &EmKeyCmds::promptUserPasswd called at /u2/app/oracle/product/11.2.0/dbhome_1/bin/EmKeyCmds.pm line 160, <FILE> line 3.
  $
  Again,
  How do I create a new emkey for Enterprise Manager Database Control?
  I do have a copy of my old key but it is no longer good because I reinstalled the repository with these commands:
  emca -repos drop ...
  emca -repos create ...
  Oh, and where is emctl "documented".
  I poked around in some book-index links and with the search engine.
  I could not find anything.
  Thanks,
  -Janis

  user11892726 wrote:
  Oh, and where is emctl "documented".
  http://download.oracle.com/docs/cd/B16240_01/welcome.html

• Creating a new user in solution manager?

  Dear All,
        How to create a new user in solution manager for creating an incident?

  prathish5,
  I did this in our SolMan by following the instructions provided by a SAP document called: "Service Desk VAR Setup Master Data". I got it from the Support Portal, though I can't seem to find it now so I can't provide a link at this time.
  Anyway, assuming that your SolMan is already able to download your master data (and/or your customers', if you are a VAR), these are the steps suggested by the guide:
  1) The message creator (aka Key User) should have the following authorization roles:
  SAP_SUPPDESK_CREATE
  SAP_SUPPCF_CREATE
  SAP_SMWORK_BASIC
  SAP_SMWORK_INCIDENT_MAN
  See also SAP note 834534.
  A best practice is to create a Z copy of all of these roles (use transaction PFCG), so you can manage them and change them around if you need to. Just make sure to "activate" all the authorizations of your copy of the roles:
  - Open the roles in tr. PFCG;
  - Select Authorizations, and choose Change authorization data;
  - If you get a yellow semaphore, be sure to review the authorizations and fill them according to your security policy. You can assign global permissions for all the authorization objects by double-clicking the yellow semaphore;
  - Generate the profile, then go back and save the role;
  2) Following the guide, with tr. SU01 I created a Template user and called it KEY_USER (make sure the user type is actually Template) and assigned to it the Z roles you created in the step above;
  3) If your SolMan is working properly, you can now use report AI_SDK_SP_GENERATE_BP (tr. SA38) to create the Business Partners and SAP users automatically. The report will log in the Support Portal and read the users which are authorized to open a SAP tickets, and create a BP and user for each of them. Use the Template user KEY_USER created in step 2 as a "Reference user" and all the new users will automatically get the correct autorizations. Also if your SAP Connect (tr. SCOT) is correctly configured, you can choose to send an automatic mail to each user, with their login and generated password.
  Otherwise, you can manually create a user with transactions SU01 and BP - be sure to fill the "Identities" table here - the report AI_SDK_SP_GENERATE_BP makes all these things automatically so it's definitely your best bet.
  4) Your users should now be able to log in with the SAPgui and use transaction CREATE_NOTIF to create a new message in your SolMan. Also if you have done the preparation steps correctly they should also be able to log in your Incident Manager using their browser, and open a message there and also review their past messages.
  Those are just a quick insight of the steps you need to do. This is NOT an easy thing to configure, at least it wasn't for me; if you don't have a reliable guide to follow you're going to struggle: I strongly suggest you browse through the SAP documentations (also the blogs) - http://service.sap.com/xsearch is your best friend!
  I hope this helps a little bit. Good luck.

• SSH Key login not working when added to gpg-agent

  Hello,
  As I use gnupg, I run the gpg-agent. I run it with systemd --user and it works flawlessly. As I already run gpg-agent, I figured I might as well just add my ssh keys to it as well. Therefore I start gpg-agent with --enable-ssh-support. I use my SSH keys a lot and never had any problems with connecting to anything with a simple ssh .... or pushing things to git etc.
  As the SOCKS_AUTH_SSH envvar needs to be set for ssh-add to work, I added this line to my .bashrc
  export SSH_AUTH_SOCK=~/.gnupg/S.gpg-agent.ssh
  Now, adding my SSH Keys with a simple ssh-add seems to work fine (no errors etc).
  However, when I try to connect to a server now, the following happens:
  ssh -vT [email protected]
  OpenSSH_6.8p1, OpenSSL 1.0.2a 19 Mar 2015
  debug1: Reading configuration data /etc/ssh/ssh_config
  debug1: Connecting to XXXXXXXXX port XXXXX.
  debug1: Connection established.
  debug1: identity file /home/XXXXX/.ssh/id_rsa type 1
  debug1: key_load_public: No such file or directory
  debug1: identity file /home/XXXXX/.ssh/id_rsa-cert type -1
  debug1: Enabling compatibility mode for protocol 2.0
  debug1: Local version string SSH-2.0-OpenSSH_6.8
  debug1: Remote protocol version 2.0, remote software version OpenSSH_6.8
  debug1: match: OpenSSH_6.8 pat OpenSSH* compat 0x04000000
  debug1: SSH2_MSG_KEXINIT sent
  debug1: SSH2_MSG_KEXINIT received
  debug1: kex: server->client aes128-ctr [email protected] none
  debug1: kex: client->server aes128-ctr [email protected] none
  debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
  debug1: Server host key: ecdsa-sha2-nistp256 SHA256:Mw5MTDp91yExgStdoMPMwi2yZdoG9MruOm+6XiC5Vks
  debug1: Host '[XXXXXXX]:XXX' is known and matches the ECDSA host key.
  debug1: Found key in /home/XXXX/.ssh/known_hosts:1
  debug1: SSH2_MSG_NEWKEYS sent
  debug1: expecting SSH2_MSG_NEWKEYS
  debug1: SSH2_MSG_NEWKEYS received
  debug1: Roaming not allowed by server
  debug1: SSH2_MSG_SERVICE_REQUEST sent
  debug1: SSH2_MSG_SERVICE_ACCEPT received
  debug1: Authentications that can continue: publickey
  debug1: Next authentication method: publickey
  debug1: Offering RSA public key: /home/XXXXX/.ssh/id_rsa
  debug1: Server accepts key: pkalg ssh-rsa blen 279
  debug1: No more authentication methods to try.
  Permission denied (publickey).
  Which is very strange as id_rsa is my (ecrypted) private key. I am also prompted to enter the corresponding password when issuing ssh-add.
  What could the problem be in this case? Thanks a lot!!
  Last edited by replax (2015-05-18 19:06:58)

  replax wrote:Well, there is something listed in .gnupg/sshcontrol , I am not sure if it is connected to my own key though. I tried ssh-add -l and it will list my one key, although it is different from the one in sshcontrol. I suspect that that is an issue of presentation though, as ssh-add spews out the SHA256 of my key..
  How could I go about verifying that they key is indeed correct? Shouldn't it be added automatically by ssh-add?
  Thanks a lot!!
  Yes it should be added automatically. I suppose you could try it in a new user just to start fresh and see if it works, at least then you'll have either verified that your steps were correct or incorrect.

• Call for participation: OASIS Enterprise Key Management Infrastructure TC

  We would welcome your participation in this process. Thank you.
  Arshad Noor
  StrongAuth, Inc.
  To: OASIS members & interested parties
  A new OASIS technical committee is being formed. The OASIS Enterprise Key
  Management Infrastructure (EKMI) Technical Committee has been proposed by the
  members of OASIS listed below. The proposal, below, meets the requirements of
  the OASIS TC Process [a]. The TC name, statement of purpose, scope, list of
  deliverables, audience, and language specified in the proposal will constitute
  the TC's official charter. Submissions of technology for consideration by the
  TC, and the beginning of technical discussions, may occur no sooner than the
  TC's first meeting.
  This TC will operate under our 2005 IPR Policy. The eligibility
  requirements for becoming a participant in the TC at the first meeting (see
  details below) are that:
  (a) you must be an employee of an OASIS member organization or an individual
  member of OASIS;
  (b) the OASIS member must sign the OASIS membership agreement [c];
  (c) you must notify the TC chair of your intent to participate at least 15
  days prior to the first meeting, which members may do by using the "Join this
  TC" button on the TC's public page at [d]; and
  (d) you must attend the first meeting of the TC, at the time and date fixed
  below.
  Of course, participants also may join the TC at a later time. OASIS and the TC
  welcomes all interested parties.
  Non-OASIS members who wish to participate may contact us about joining OASIS
  [c]. In addition, the public may access the information resources maintained for
  each TC: a mail list archive, document repository and public comments facility,
  which will be linked from the TC's public home page at [d].
  Please feel free to forward this announcement to any other appropriate lists.
  OASIS is an open standards organization; we encourage your feedback.
  Regards,
  Mary
  Mary P McRae
  Manager of TC Administration, OASIS
  email: mary.mcrae(AT)oasis-open.org
  web: www.oasis-open.org
  a) http://www.oasis-open.org/committees/process.php
  b) http://www.oasis-open.org/who/intellectualproperty.php
  c) See http://www.oasis-open.org/join/
  d) http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=ekmi
  CALL FOR PARTICIPATION
  OASIS Enterprise Key Management Infrastructure (EKMI) TC
  Name
  OASIS Enterprise Key Management Infrastructure (EKMI) TC
  Statement of Purpose
  Public Key Infrastructure (PKI) technology has been around for more than a
  decade, and many companies have adopted it to solve specific problems in the
  area of public-key cryptography. Public-key cryptography has been embedded in
  some of the most popular tools -- web clients and servers, VPN clients and
  servers, mail user agents, office productivity tools and many industry-specific
  applications -- and underlies many mission-critical environments today.
  Additionally, there are many commercial and open-source implementations of PKI
  software products available in the market today. However, many companies across
  the world have recognized that PKI by itself, is not a solution.
  There is also the perception that most standards in PKI have already been
  established by ISO and the PKIX (IETF), and most companies are in
  operations-mode with their PKIs -- just using it, and adopting it to other
  business uses within their organizations. Consequently, there is not much left
  to architect and design in the PKI community.
  Simultaneously, there is a new interest on the part of many companies in the
  management of symmetric keys used for encrypting sensitive data in their
  computing infrastructure. While symmetric keys have been traditionally managed
  by applications doing their own encryption and decryption, there is no
  architecture or protocol that provides for symmetric key management services
  across applications, operating systems, databases, etc. While there are many
  industry standards around protocols for the life-cycle management of asymmetric
  (or public/private) keys -- PKCS10, PKCS7, CRMF, CMS, etc. -- however, there is
  no standard that describes how applications may request similar life-cycle
  services for symmetric keys, from a server and how public-key cryptography may
  be used to provide such services.
  Key management needs to be addressed by enterprises in its entirety -- for both
  symmetric and asymmetric keys. While each type of technology will require
  specific protocols, controls and management disciplines, there is sufficient
  common ground in the discipline justifying the approach to look at
  key-management as a whole, rather than in parts. Therefore, this TC will
  address the following:
  Scope
  A) The TC will create use-case(s) that describe how and where
  the protocols it intends to create, will be used;
  B) The TC will define symmetric key management protocols,
  including those for:
  1. Requesting a new or existing symmetric key from a server;
  2. Requesting policy information from a server related to caching of keys on the
  client;
  3. Sending a symmetric key to a requestor, based on a request;
  4. Sending policy information to a requestor, based on a request;
  5. Other protocol pairs as deemed necessary.
  C) To ensure cross-implementation interoperability, the TC will create a test
  suite (as described under 'Deliverables' below) that will allow different
  implementations of this protocol to be certified against the OASIS standard
  (when ratified);
  D) The TC will provide guidance on how a symmetric key-management infrastructure
  may be secured using asymmetric keys, using secure and generally accepted
  practices;
  E) Where appropriate, and in conjunction with other standards organizations that
  focus on disciplines outside the purview of OASIS, the TC will provide input on
  how such enterprise key-management infrastructures may be managed, operated and
  audited;
  F) The TC may conduct other activities that educate users about, and promote,
  securing sensitive data with appropriate cryptography, and the use of proper
  key-management techniques and disciplines to ensure appropriate protection of
  the infrastructure.
  List of Deliverables
  1. XSchema Definitions (XSD) of the request and response protocols (by August
  2007) 2. A Test Suite of conformance clauses and sample transmitted keys and
  content that allows for clients and servers to be tested for conformance to the
  defined protocol (by December 2007)
  3. Documentation that explains the communication protocol (by August 2007)
  4. Documentation that provides guidelines for how an EKMI may be built,
  operated, secured and audited (by December 2007)
  5. Resources that promote enterprise-level key-management: white papers,
  seminars, samples, and information for developer and public use. (beginning
  August 2007, continuing at least through 2008)
  Anticipated Audiences:
  Any company or organization that has a need for managing cryptographic keys
  across applications, databases, operating systems and devices, yet desires
  centralized policy-driven management of all cryptographic keys in the
  enterprise. Retail, health-care, government, education, finance - every industry
  has a need to protect the confidentiality of sensitive data. The TC's
  deliverables will provide an industry standard for protecting sensitive
  information across these, and other, industries.
  Security services vendors and integrators should be able to fulfill their use
  cases with the TC's key management methodologies.
  Members of the OASIS PKI TC should be very interested in this new TC, since the
  goals of this TC potentially may fulfill some of the goals in the charter of the
  PKI TC.
  Language:
  English
  IPR Policy:
  Royalty Free on Limited Terms under the OASIS IPR Policy
  Additional Non-normative information regarding the start-up of the TC:
  a. Identification of similar or applicable work:
  The proposers are unaware of any similar work being carried on in this exact
  area. However, this TC intends to leverage the products of, and seek liaison
  with, a number of other existing projects that may interoperate with or provide
  functionality to the EKMI TC's planned outputs, including:
  OASIS Web Services Security TC
  OASIS Web Services Trust TC
  W3C XMLSignature and XMLEncryption protocols and working group
  OASIS Digital Signature Services TC
  OASIS Public Key Infrastructure TC
  OASIS XACML TC (and other methods for providing granular access-control
  permissions that may be consumed or enforced by symmetic key management)
  b. Anticipated contributions:
  StrongAuth, Inc. anticipates providing a draft proposal for the EKMI protocol,
  at the inception of the TC. The current draft can be viewed at:
  http://www.strongkey.org/resources/documentation/misc/skcl-sks-protocol.html
  and a working implementation of this protocol is available at:
  http://sourceforge.net/projects/strongkey for interested parties.
  c. Proposed working title and acronym for specification:
  Symmetric Key Services Markup Language (SKSML), subject to TC's approval or
  change.
  d. Date, time, and location of the first meeting:
  First meeting will be by teleconference at:
  Date: January 16, 2007
  Time: 10 AM PST, 1PM EST
  Call in details: to be posted to TC list
  StrongAuth has agreed to host this meeting.
  e. Projected meeting schedule:
  Subject to TC's approval, we anticipate monthly telephone meetings for the first
  year. First version of the protocol to be voted on by Summer 2007. StrongAuth is
  willing to assist by arranging for the teleconferences; we anticipate using
  readily available free teleconference services.
  f. Names, electronic mail addresses, of supporters:
  Ken Adler, ken(AT)adler.net
  June Leung,June.Leung(AT)FundServ.com
  John Messing, jmessing(AT)law-on-line.com
  Arshad Noor, arshad.noor(AT)strongauth.com
  Davi Ottenheimer, davi(AT)poetry.org
  Ann Terwilliger, aterwil(AT)isa.com
  g. TC Convener:
  Arshad Noor, arshad.noor(AT)strongauth.com

  Hi Bilge,
  did you put your text in a blender before sending it?
  I understood everything works fine except the miscellaneous menu item in the configuration tab of ERM?
  Have you already tried to clear all browser cache, close all browsers and try it again?
  Best,
  Frank

• GPG-AGENT "ignoring" pinentry program? wrong pinentry app for ssh-keys

  Hi!
  I am using gpg-agent to handle my gpg keys and wanted it to handle my ssh keys too, since it is running anyway.
  it works perfectly fine with gpg keys, my pinentry program is pinentry-qt4 , upon request that window pops up for me to enter my passphrase.
  as window manager i use awesome wm.
  however, when i try to use my ssh key, e.g. for github, no pinentry program pops up and in xterm it looks like:
  [me@mybox dotfiles]$ git push origin master
  it seems that is is waiting for my passphrase input but it isnt asking for it. neither does it accept it.
  when i quit my WM, i see that it executed the pinentry program directly in my tty1, to which i do not have access while running my WM.
  my gpg-agent.conf:
  me@mybox ~/.gnupg> cat gpg-agent.conf
  default-cache-ttl 300
  max-cache-ttl 7200
  pinentry-program /usr/bin/pinentry-qt4
  how do i get gpg-agent to respect my pinentry choice for my ssh keys as well?
  thanks for your time !

  I use this
  $ cat /etc/kde/env/gpg-agent-startup.sh
  #!/bin/sh
  # see https://wiki.archlinux.org/index.php/SSH_Keys
  GPG_AGENT=/usr/bin/gpg-agent
  ## Run gpg-agent only if not already running, and available
  if [ -x "${GPG_AGENT}" ] ; then
  # check validity of GPG_SOCKET (in case of session crash)
  GPG_AGENT_INFO_FILE=${HOME}/.gpg-agent-info
  if [ -f "${GPG_AGENT_INFO_FILE}" ]; then
  GPG_AGENT_PID=`cat ${GPG_AGENT_INFO_FILE} | grep GPG_AGENT_INFO | cut -f2 -d:`
  GPG_PID_NAME=`cat /proc/${GPG_AGENT_PID}/comm`
  if [ ! "x${GPG_PID_NAME}" = "xgpg-agent" ]; then
  rm -f "${GPG_AGENT_INFO_FILE}" 2>&1 >/dev/null
  else
  GPG_SOCKET=`cat "${GPG_AGENT_INFO_FILE}" | grep GPG_AGENT_INFO | cut -f1 -d: | cut -f2 -d=`
  if ! test -S "${GPG_SOCKET}" -a -O "${GPG_SOCKET}" ; then
  rm -f "${GPG_AGENT_INFO_FILE}" 2>&1 >/dev/null
  fi
  fi
  unset GPG_AGENT_PID GPG_SOCKET GPG_PID_NAME SSH_AUTH_SOCK
  fi
  if [ -f "${GPG_AGENT_INFO_FILE}" ]; then
  eval "$(cat "${GPG_AGENT_INFO_FILE}")"
  eval "$(cut -d= -f 1 "${GPG_AGENT_INFO_FILE}" | xargs echo export)"
  export GPG_TTY=$(tty)
  else
  eval "$(${GPG_AGENT} -s --enable-ssh-support --daemon --pinentry-program /usr/bin/pinentry-qt4 --write-env-file)"
  fi
  fi
  I think I could probably use the /etc/profile.d location but when I first set it up, kde was already running gpg-agent so I adapted its file. Later, I uninstalled the thing which does that in kde and just kept my own customised version.
  Are you sure that your xinitrc isn't starting a second gpg-agent?

• Menu path to create new transaction event key

  Dear Experts,
  Please give me the menu path and Transaction code to create New transaction event key for
  Materials Management postings.
  Thanks in Advance

  Hi,
  SPRO - Materials Management - Purchasing - Conditions - Define Price determination process - Define transaction/Event Keys.
  For MM transaction key T Code OMGH
  and for FI tarnsaction key T Code is OBCN
  GO to SM30 enter the table T030A and then click on display
  Please note the group as well as transaction code
  May Help U !
  Regards,
  Pardeep Malik

• Unable to create ssh key

  Hi all,
  I'm having trouble creating an ssh key in the Terminal on Snow Leopard.  Here are the steps I follow:
  $ ssh-keygen -t rsa
  Generating public/private rsa key pair.
  Enter file in which to save the key (/Users/.../.ssh/id_rsa): (I hit enter)
  /Users/.../.ssh/id_rsa already exists.
  Overwrite (y/n)? y
  Enter passphrase (empty for no passphrase):
  Enter same passphrase again:
  (And then I see this message:)
  open /Users/.../.ssh/id_rsa failed: Is a directory.
  Saving the key failed: /Users/.../.ssh/id_rsa.
  How can I bypass this error?  I thought maybe the problem is that I have a previous keypair, but if so I followed the steps outlined in http://help.github.com/mac-set-up-git/ to remove the old pair before generating the new one, and I still get the same error message. 
  Any help would be greatly appreciated.
  T

  I actually fixed the problem, if anyone else comes across it: if facing this issue, when backing up and removing existing ssh keys before generating new ones, the command should be
  $ cp -R id_rsa* key_backup
  (Add the -R to the line in the GitHub instructions.)