Problem with script executed in /etc/X11/Xstartud.d/50-myconf

Question

I am trying to update a script inside /etc/X11/Xstartup.d/00-myconf. It contains a command that works well when tested manually, but not in the script. This command uses a pair of RSA keys to ssh into a remote server.

ssh -i /var/subfolder/.ssh/id_rsa -o StrictHostKeyChecking=no specialuser@server "command"

Works well from the console, already logged as a student, but when I try to log via X11 I get a popup asking for specialuser password, which in turn triggers ksshaskpass to require a new wallet (we don't use them).

I can cancel the request and the session is finally opened, but it happens everytime a student tries to logon or logoff.

I hope you will give me some hints!

Answer 1

I edited my question to provide more details and here is the answer.

For some (still unknown) reasons, lauching the command manually or inside the X11 logon script must be handled differently, especially reading the RSA private key.

When I launch the command manually, I am already logged as a student, the private key MUST be readable by anyone or the command won't work.

When I try the logon script, I get the following message in ssh log :

Permissions 0755 for '/var/exams/.ssh/id_rsa' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored.

So the solution was simply to chmod 700 the RSA key, and ignore the fact that the command won't work anymore manually.

Thanks to those who helped!