Skip to content

Instantly share code, notes, and snippets.

@darrenpmeyer
Created November 20, 2020 19:35
Show Gist options
  • Save darrenpmeyer/e7ad217d929f87a7b7052b3282d1b24c to your computer and use it in GitHub Desktop.
Save darrenpmeyer/e7ad217d929f87a7b7052b3282d1b24c to your computer and use it in GitHub Desktop.
Automatically start a single instance of ssh-agent for all terminal sessions to share (bash)

Installation

  1. mkdir -p ~/.config && touch ~/.config/ssh-agent.pid
  2. Paste the contents of ssh-agent-manage.sh into your .bashrc or .bash_profile or similar
  3. killall -9 ssh-agent
  4. Start a new terminal session (note: old sessions will not see ssh-agent, only new ones)

Details

This snippet, when included in .bashrc, will ensure that your session has a working ssh-agent with all your ssh keys loaded into it. It does this without creating separate ssh-agent processes by:

  • Using ~/.config/ssh-agent.socket as the socket, rather than a random-named temporary socket
  • Tracking the PID of ssh-agent in ~/.config/ssh-agent.pid
  • setting up the appropriate environment variables to point to any already-running ssh-agent started this way (NB: if you start an agent process by hand, this won't know about it)
  • starting up an ssh-agent if it can't find a properly-configured version already running
# SSH agent
ssh_pid_file="$HOME/.config/ssh-agent.pid"
SSH_AUTH_SOCK="$HOME/.config/ssh-agent.sock"
if [ -z "$SSH_AGENT_PID" ]
then
# no PID exported, try to get it from pidfile
SSH_AGENT_PID=$(cat "$ssh_pid_file")
fi
if ! kill -0 $SSH_AGENT_PID &> /dev/null
then
# the agent is not running, start it
rm "$SSH_AUTH_SOCK" &> /dev/null
>&2 echo "Starting SSH agent, since it's not running; this can take a moment"
eval "$(ssh-agent -s -a "$SSH_AUTH_SOCK")"
echo "$SSH_AGENT_PID" > "$ssh_pid_file"
ssh-add -A 2>/dev/null
>&2 echo "Started ssh-agent with '$SSH_AUTH_SOCK'"
# else
# >&2 echo "ssh-agent on '$SSH_AUTH_SOCK' ($SSH_AGENT_PID)"
fi
export SSH_AGENT_PID
export SSH_AUTH_SOCK
@darrenpmeyer
Copy link
Author

@soundlake -- newer versions of ssh-add on macOS have deprecated -A in favor of --apple-load-keychain ; you can either swap that out or add export APPLE_SSH_ADD_BEHAVIOR=macos to your environment

@soundlake
Copy link

Thank you for your comment. I didn't know -A was deprecated on MacOS, because I don't use it. But I do know it is removed (not deprecated) on my WSL Debian (unstable) although I don't know when.

I did a workaround with simple bash script to traverse the directory to add all keys.

@PurplProto
Copy link

This will fail if the directory for $SSH_AUTH_SOCK doesn't exist. You'll probably only run into this error on a fresh install, or if you modify the path for SSH_AUTH_SOCK. Worth noting you may want to add a mkdir -p "$HOME/.config" near the start of the script, with adjustments if you do modify the path, just in case.

Thanks for the gist of it!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment