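#
# Provides for an easier use of SSH by setting up ssh-agent.
#
# Authors:
#   Sorin Ionescu
#
# This file is meant to be sourced. It reuses or starts an ssh-agent,
# persists the agent's environment variables in a per-user file so that later
# shells can find the same agent, and loads identities when the agent holds
# none. All `_ssh_*` helper variables are unset before returning.
#

# Return if requirements are not found.
if (( ! $+commands[ssh-agent] )); then
  return 1
fi

# Set the path to the SSH directory.
_ssh_dir="$HOME/.ssh"

# Set the path to the environment file if not set by another module.
_ssh_agent_env="${_ssh_agent_env:-${TMPDIR:-/tmp}/ssh-agent.env.$UID}"

# The env file has a predictable name, may live in a shared temporary
# directory, and is later both executed (`source`) and overwritten (`tee`).
# `-f` and `-O` below follow symbolic links, so a link at this path would be
# judged by its target rather than by who created the link, and the later
# write would land on that target. Refuse symbolic links outright.
if [[ -L "$_ssh_agent_env" ]]; then
  printf '%s\n' \
    'ERROR: Cannot trust the SSH agent environment variables persistence' \
    'file because it is a symbolic link.' \
    'The ssh-agent will not be started.' \
    "$_ssh_agent_env" >&2
  unset _ssh_{dir,agent_env}
  return 1
fi

# Due to the predictability of the env file, check the env file exists and is
# owned by current EUID before trusting it.
if [[ -f "$_ssh_agent_env" && ! -O "$_ssh_agent_env" ]]; then
  printf '%s\n' \
    'ERROR: Cannot trust the SSH agent environment variables persistence' \
    'file because it is owned by another user.' \
    'The ssh-agent will not be started.' \
    "$_ssh_agent_env" >&2
  unset _ssh_{dir,agent_env}
  return 1
fi

# If a socket exists at SSH_AUTH_SOCK, assume ssh-agent is already running and
# skip starting it.
if [[ ! -S "$SSH_AUTH_SOCK" ]]; then
  # Try to grab previously exported environment variables. The file is run as
  # shell code; the link and ownership checks above are the only gate on it.
  # A missing file is expected on first start, hence the silenced stderr.
  source "$_ssh_agent_env" 2> /dev/null

  # Do not start ssh-agent if the PID from the last start of ssh-agent exists
  # and corresponds to a running ssh-agent under the current user.
  # SSH_AGENT_PID falls back to -1 so that an unset value matches no process.
  if ! ps -U "$LOGNAME" -o pid,comm \
    | grep -E -q -e "^[[:blank:]]*${SSH_AGENT_PID:--1}[[:blank:]].*ssh-agent$"; then
    # ssh-agent prints shell assignments plus an `echo` line; drop the echo,
    # save the assignments for later shells, and apply them to this one.
    eval "$(ssh-agent | sed '/^echo /d' | tee "$_ssh_agent_env")"
  fi
fi

# Load identities.
if ssh-add -l 2>&1 | grep -q 'The agent has no identities'; then
  zstyle -a ':prezto:module:ssh:load' identities '_ssh_identities'

  # ssh-add has strange requirements for running SSH_ASKPASS, so we duplicate
  # them here. Essentially, if the other requirements are met, we redirect
  # stdin from /dev/null in order to meet the final requirement.
  #
  # From ssh-add(1):
  # If ssh-add needs a passphrase, it will read the passphrase from the
  # current terminal if it was run from a terminal. If ssh-add does not have a
  # terminal associated with it but DISPLAY and SSH_ASKPASS are set, it will
  # execute the program specified by SSH_ASKPASS and open an X11 window to
  # read the passphrase.
  #
  # The identity expansion is left unquoted in both branches on purpose: when
  # no identities are configured it must disappear entirely so that ssh-add
  # falls back to its default key files. Quoting it would hand ssh-add a
  # single empty-string argument instead. zsh does not word-split unquoted
  # expansions unless SH_WORD_SPLIT is set, so paths containing spaces
  # still arrive as one argument each.
  if [[ -n "$DISPLAY" && -x "$SSH_ASKPASS" ]]; then
    ssh-add ${_ssh_identities:+$_ssh_dir/${^_ssh_identities[@]}} < /dev/null 2> /dev/null
  else
    ssh-add ${_ssh_identities:+$_ssh_dir/${^_ssh_identities[@]}} 2> /dev/null
  fi

  if [[ "$OSTYPE" == darwin* ]]; then
    # macOS: `ssh-add -A` will load all identities defined in Keychain.
    # Assume `/usr/bin/ssh-add` is Apple customized version that understands
    # the `-A` switch.
    /usr/bin/ssh-add -A
  fi
fi

# Clean up.
unset _ssh_{dir,identities,agent_env}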