Start ssh-agent on login

Question

I have a site as a remote Git repo pulling from Bitbucket com using an SSH alias  I can manually start the ssh-agent on my server but I have to do this every time I login via SSH   I manually start the ssh-agent   eval ssh-agent  SHELL   Then I add the agent   ssh-add    ssh bitbucket id   Then it shows up when I do   ssh-add -l   And I m good to go  Is there any way to automate this process so I don t have to do it every time I login  The server is running RedHat 6 2  Santiago

User · Answer

Tried couple solutions from many sources but all seemed like too much trouble. Finally I found the easiest one :)

If you're not yet familiar with zsh and oh-my-zsh then install it. You will love it :)

Then edit .zshrc

vim ~/.zshrc

find plugins section and update it to use ssh-agent like so:

plugins=(ssh-agent git)

And that's all! You'll have ssh-agent up and running every time you start your shell

User · Answer

I like your answers a lot  It made working from cygwin   linux hosts a lot easier  I combined start and end functions to make it secure   SSH ENV   HOME  ssh  agent env   function start agent       echo  Initialising new SSH agent          eval   usr bin ssh-agent      echo  export SSH AUTH SOCK   SSH AUTH SOCK  gt  gt    SSH ENV      echo  export SSH AGENT PID   SSH AGENT PID  gt  gt    SSH ENV       echo succeeded     chmod 600    SSH ENV            SSH ENV    gt   dev null      usr bin ssh-add       Source SSH settings  if applicable if   -f    SSH ENV      then          SSH ENV    gt   dev null      ps   SSH AGENT PID  doesn t work under cywgin     ps -ef   grep   SSH AGENT PID    grep ssh-agent   gt   dev null              start agent        else     start agent  fi    create our own hardlink to the socket  with random name  MYSOCK  tmp ssh agent   RANDOM  sock ln -T  SSH AUTH SOCK  MYSOCK export SSH AUTH SOCK  MYSOCK  end agent           if we are the last holder of a hardlink  then kill the agent     nhard  ls -l  SSH AUTH SOCK   awk   print  2        if      nhard  -eq 2     then         rm   SSH ENV           usr bin ssh-agent -k     fi     rm  SSH AUTH SOCK   trap end agent EXIT set  x

User · Answer

Old question  but I did come across a similar situation  Don t think the above answer fully achieves what is needed  The missing piece is keychain  install it if it isn t already  sudo apt-get install keychain  Then add the following line to your    bashrc eval   keychain --eval id rsa   This will start the ssh-agent if it isn t running  connect to it if it is  load the ssh-agent environment variables into your shell  and load your ssh key  Change id rsa to whichever private key in    ssh you want to load  Some useful options for keychain   -q Quiet mode --noask Don t ask for the password upon start  but on demand when ssh key is actually used   Reference https   unix stackexchange com questions 90853 how-can-i-run-ssh-add-automatically-without-password-prompt

User · Answer

Users of the fish shell can use this script to do the same thing     content has to be in  config fish config fish   if it does not exist  create the file setenv SSH ENV  HOME  ssh environment  function start agent                                                                                                                                                                         echo  Initializing new SSH agent          ssh-agent -c   sed  s  echo  echo    gt   SSH ENV     echo  succeeded      chmod 600  SSH ENV         SSH ENV  gt   dev null     ssh-add end  function test identities                                                                                                                                                                     ssh-add -l   grep  The agent has no identities   gt   dev null     if    status -eq 0           ssh-add         if    status -eq 2               start agent         end     end end  if   -n   SSH AGENT PID         ps -ef   grep  SSH AGENT PID   grep ssh-agent  gt   dev null     if    status -eq 0           test identities     end   else     if   -f  SSH ENV              SSH ENV  gt   dev null     end       ps -ef   grep  SSH AGENT PID   grep -v grep   grep ssh-agent  gt   dev null     if    status -eq 0           test identities     else          start agent     end   end

User · Answer

I solved it by adding this to the  etc profile - system wide  or to user local  profile  or   bash profile       SSH-AGENT     usr bin env bash SERVICE  ssh-agent  WHOAMI  who am i  awk   print  1     if pgrep -u  WHOAMI  SERVICE  gt  dev null then     echo  SERVICE running  else     echo  SERVICE not running      echo starting     ssh-agent  gt     ssh agent env fi      ssh agent env   This starts a new ssh-agent if not running for the current user  or re-sets the ssh-agent env parameter if running

User · Answer

The accepted solution have following drawbacks    it is complicated to maintain  it evaluates storage file which may lead to errors or security breach  it starts agent but doesn t stop it which is close equivalent to leaving the key in ignition    If your keys do not require to type password  I suggest following solution  Add the following to your  bash profile very end  edit key list to your needs    exec ssh-agent  BASH -s 10 lt  amp 0  lt  lt  EOF     ssh-add    ssh your key1 rsa                  ssh your key2 rsa  amp  gt   dev null     exec  BASH  lt  amp 10- EOF   It have following advantages    much simpler solution  agent session ends when bash session ends    It have possible disadvantages    interactive ssh-add command will influence only one session  which is in fact an issue only in very untypical circumstances  unusable if typing password is required  started shell becomes non-login  which doesn t influence anything AFAIK     Note that several ssh-agent processes is not a disadvantage  because they don t take more memory or CPU time

User · Answer

Please go through this article  You may find this very useful   http   mah everybody org docs ssh  Just in case the above link vanishes some day  I am capturing the main piece of the solution below      This solution from Joseph M  Reagle by way of Daniel Starin       Add this following to your  bash profile  SSH ENV   HOME  ssh agent-environment   function start agent       echo  Initialising new SSH agent          usr bin ssh-agent   sed  s  echo  echo    gt     SSH ENV       echo succeeded     chmod 600    SSH ENV            SSH ENV    gt   dev null      usr bin ssh-add       Source SSH settings  if applicable  if   -f    SSH ENV      then          SSH ENV    gt   dev null      ps   SSH AGENT PID  doesn t work under cywgin     ps -ef   grep   SSH AGENT PID    grep ssh-agent   gt   dev null              start agent        else     start agent  fi       This version is especially nice since it will see if you ve already started ssh-agent  and  if it can t find it  will start it up and store the settings so that they ll be usable the next time you start up a shell

User · Answer

Add this to your    bashrc  then logout and back in to take effect   if     -S    ssh ssh auth sock    then   eval  ssh-agent    ln -sf   SSH AUTH SOCK     ssh ssh auth sock fi export SSH AUTH SOCK    ssh ssh auth sock ssh-add -l  gt   dev null    ssh-add   This should only prompt for a password the first time you login after each reboot  It will keep reusing the same ssh-agent as long as it stays running

User · Answer

So I used to use the approaches described above  but I kind of prefer the agent to die when my last bash session ends  This is a bit longer than the other solutions  but its my preferred approach  The basic idea is that the first bash session starts the ssh-agent  Then each additional bash session checks for the config file     ssh  agent env   If that is there and there is a session running then source the environment and create a hardlink to the socket file in  tmp  needs to be on the same filesystem as the original socket file   As bash sessions shut down each deletes its own hardlink  The last session to close will find that the hardlinks have 2 links  the hardlink and the original   removal of the processes own socket and killing of the process will result in 0  leaving a clean environment after the last bash session closes     Start ssh-agent to keep you logged in with keys  use  ssh-add  to log in agent  pgrep ssh-agent -u  USER    get only your agents            if      agent             -e    ssh  agent env     then       if no agents or environment file is missing create a new one       remove old agents   environment variable files     kill  agent running     rm    ssh  agent env         restart     eval  ssh-agent       echo  export SSH AUTH SOCK   SSH AUTH SOCK  gt  gt     ssh  agent env                  echo  export SSH AGENT PID   SSH AGENT PID  gt  gt     ssh  agent env              fi    create our own hardlink to the socket  with random name             source    ssh  agent env                                                     MYSOCK  tmp ssh agent   RANDOM  sock                                         ln -T  SSH AUTH SOCK  MYSOCK                                                 export SSH AUTH SOCK  MYSOCK                                                  end agent                                                                                if we are the last holder of a hardlink  then kill the agent     nhard  ls -l  SSH AUTH SOCK   awk   print  2                                     if      nhard  -eq 2     then                                                        rm    ssh  agent env                                                             ssh-agent -k                                                                 fi                                                                               rm  SSH AUTH SOCK                                                                                                                                             trap end agent EXIT                                                              set  x

User · Answer

On Arch Linux  the following works really great  should work on all systemd-based distros    Create a systemd user service  by putting the following to    config systemd user ssh-agent service    Unit  Description SSH key agent   Service  Type simple Environment SSH AUTH SOCK  t ssh-agent socket ExecStart  usr bin ssh-agent -D -a  SSH AUTH SOCK   Install  WantedBy default target   Setup shell to have an environment variable for the socket   bash profile   zshrc         export SSH AUTH SOCK   XDG RUNTIME DIR ssh-agent socket    Enable the service  so it ll be started automatically on login  and start it   systemctl --user enable ssh-agent systemctl --user start ssh-agent   Add the following configuration setting to your local ssh config file    ssh config  this works since SSH 7 2    AddKeysToAgent  yes   This will instruct the ssh client to always add the key to a running agent  so there s no need to ssh-add it beforehand

User · Answer

I use the ssh-ident tool for this   From its man-page      ssh-ident - Start and use ssh-agent and load identities as necessary

User · Answer

Just to add yet another solution  P  I went with a combination of  spheenik and  collin-anderson  s solutions      Ensure that we have an ssh config with AddKeysToAgent set to true  if     -f    ssh config        cat    ssh config   grep AddKeysToAgent   grep yes  gt   dev null  then      echo  AddKeysToAgent  yes   gt  gt     ssh config  fi    Ensure a ssh-agent is running so you only have to enter keys once  if     -S    ssh ssh auth sock    then    eval  ssh-agent     ln -sf   SSH AUTH SOCK     ssh ssh auth sock  fi  export SSH AUTH SOCK    ssh ssh auth sock   Could be a little more elegant but its simple and readable  This solution    ensures AddKeysToAgent yes is in your ssh config so keys will be automatically added upon use doesn t prompt you to enter any passphrases at login  again  one-time passphrase entering occurs on first use  silently starts an ssh-agent if it has not already started one   Comments welcome

[git] Start ssh-agent on login

Examples related to git

Examples related to ssh

Examples related to bitbucket

Examples related to redhat

Examples related to ssh-agent