dominic
/
prezto
1
0
Fork 0
Code Releases Activity

ssh: remove persistent socket; use macOS Keychain

Browse Source 
* Remove persistent SSH auth socket.
* Make ps|grep more robust and POSIX compliant.
* On macOS, use `-A` switch to "add identities to the agent using any
passphrase stored in the user's keychain."
pull/1394/head
Stephen Larew 7 years ago
parent 742260b55f
commit 56d0dc57f4
1 changed files with 11 additions and 15 deletions
Show Stats Download Patch File Download Diff File

26
modules/ssh/init.zsh
Unescape View File

@ -16,26 +16,19 @@ _ssh_dir="$HOME/.ssh"
# Set the path to the environment file if not set by another module.
_ssh_agent_env="${_ssh_agent_env:-${TMPDIR:-/tmp}/ssh-agent.env.$UID}"
# Set the path to the persistent authentication socket.
_ssh_agent_sock="${TMPDIR:-/tmp}/ssh-agent.sock.$UID"
# Start ssh-agent if not started.
# If a socket exists at SSH_AUTH_SOCK, assume ssh-agent is already running and
# skip starting it.
if [[ ! -S "$SSH_AUTH_SOCK" ]]; then
# Export environment variables.
# Try to grab previously exported environment variables.
source "$_ssh_agent_env" 2> /dev/null
# Start ssh-agent if not started.
if ! ps -U "$LOGNAME" -o pid,ucomm | grep -q -- "${SSH_AGENT_PID:--1} ssh-agent"; then
# Do not start ssh-agent if the PID from the last start of ssh-agent exists and
# corresponds to a running ssh-agent under the current user.
if ! ps -U "$LOGNAME" -o pid,comm | grep -E -q -e "^[[:blank:]]*${SSH_AGENT_PID:--1}[[:blank:]].*ssh-agent$"; then
eval "$(ssh-agent | sed '/^echo /d' | tee "$_ssh_agent_env")"
fi
fi
# Create a persistent SSH authentication socket.
if [[ -S "$SSH_AUTH_SOCK" && "$SSH_AUTH_SOCK" != "$_ssh_agent_sock" ]]; then
ln -sf "$SSH_AUTH_SOCK" "$_ssh_agent_sock"
export SSH_AUTH_SOCK="$_ssh_agent_sock"
fi
# Load identities.
if ssh-add -l 2>&1 | grep -q 'The agent has no identities'; then
zstyle -a ':prezto:module:ssh:load' identities '_ssh_identities'
@ -50,11 +43,14 @@ if ssh-add -l 2>&1 | grep -q 'The agent has no identities'; then
# program specified by SSH_ASKPASS and open an X11 window to read the
# passphrase.
if [[ -n "$DISPLAY" && -x "$SSH_ASKPASS" ]]; then
ssh-add ${_ssh_identities:+$_ssh_dir/${^_ssh_identities[@]}} < /dev/null 2> /dev/null
ssh-add "${_ssh_identities:+$_ssh_dir/${^_ssh_identities[@]}}" < /dev/null 2> /dev/null
elif [[ "$OSTYPE" == darwin* ]]; then
# macOS: `ssh-add -A` will load all identities defined in Keychain
ssh-add -A 2> /dev/null
else
ssh-add ${_ssh_identities:+$_ssh_dir/${^_ssh_identities[@]}} 2> /dev/null
fi
fi
# Clean up.
unset _ssh_{dir,identities} _ssh_agent_{env,sock}
unset _ssh_{dir,identities,agent_env}

Write Preview
Loading…
Cancel
Save