-
-
Save josh-padnick/c90183be3d0e1feb89afd7573505cab3 to your computer and use it in GitHub Desktop.
#!/bin/bash | |
# | |
# Convert ssh-agent output to fish shell | |
# | |
eval "$(ssh-agent)" >/dev/null | |
echo "set SSH_AUTH_SOCK \"$SSH_AUTH_SOCK\"; export SSH_AUTH_SOCK" | |
echo "set SSH_AGENT_PID \"$SSH_AGENT_PID\"; export SSH_AGENT_PID" |
# config.fish
if test -z (pgrep ssh-agent)
eval (ssh-agent -c) > /dev/null
set -Ux SSH_AUTH_SOCK $SSH_AUTH_SOCK
set -Ux SSH_AGENT_PID $SSH_AGENT_PID
set -Ux SSH_AUTH_SOCK $SSH_AUTH_SOCK
end
# config.fish if test -z (pgrep ssh-agent) eval (ssh-agent -c) set -Ux SSH_AUTH_SOCK $SSH_AUTH_SOCK set -Ux SSH_AGENT_PID $SSH_AGENT_PID set -Ux SSH_AUTH_SOCK $SSH_AUTH_SOCK end
work for msys2+fish installation 👍
# config.fish
if not pgrep --full ssh-agent | string collect > /dev/null
eval (ssh-agent -c)
set -Ux SSH_AGENT_PID $SSH_AGENT_PID
set -Ux SSH_AUTH_SOCK $SSH_AUTH_SOCK
end
works in WSL too
edited after hint from robfordww
No need to export set -Ux SSH_AUTH_SOCK $SSH_AUTH_SOCK
twice!
Better twice, just to be sure!
Better twice, just to be sure!
this is a joke right?
Further, this handles better the case when ssh-agent pgrep
might return multiple processes.
if test -z (pgrep ssh-agent | string collect)
eval (ssh-agent -c)
set -Ux SSH_AUTH_SOCK $SSH_AUTH_SOCK
set -Ux SSH_AGENT_PID $SSH_AGENT_PID
end
consider this
function sshagent_findsockets
find /tmp -uid (id -u) -type s -name agent.\* 2>/dev/null
end
function sshagent_testsocket
if [ ! -x (command which ssh-add) ] ;
echo "ssh-add is not available; agent testing aborted"
return 1
end
if [ X"$argv[1]" != X ] ;
set -xg SSH_AUTH_SOCK $argv[1]
end
if [ X"$SSH_AUTH_SOCK" = X ]
return 2
end
if [ -S $SSH_AUTH_SOCK ] ;
ssh-add -l > /dev/null
if [ $status = 2 ] ;
echo "Socket $SSH_AUTH_SOCK is dead! Deleting!"
rm -f $SSH_AUTH_SOCK
return 4
else ;
echo "Found ssh-agent $SSH_AUTH_SOCK"
return 0
end
else ;
echo "$SSH_AUTH_SOCK is not a socket!"
return 3
end
end
function ssh_agent_init
# ssh agent sockets can be attached to a ssh daemon process or an
# ssh-agent process.
set -l AGENTFOUND 0
# Attempt to find and use the ssh-agent in the current environment
if sshagent_testsocket ;
set AGENTFOUND 1
end
# If there is no agent in the environment, search /tmp for
# possible agents to reuse before starting a fresh ssh-agent
# process.
if [ $AGENTFOUND = 0 ];
for agentsocket in (sshagent_findsockets)
if [ $AGENTFOUND != 0 ] ;
break
end
if sshagent_testsocket $agentsocket ;
set AGENTFOUND 1
end
end
end
# If at this point we still haven't located an agent, it's time to
# start a new one
if [ $AGENTFOUND = 0 ] ;
echo need to start a new agent
eval (ssh-agent -c)
end
# Finally, show what keys are currently in the agent
# ssh-add -l
end
ssh_agent_init
I don't really like the set -U which will prevent from running multiple agents if needed
SSH_AGENT_PID is not mandatory
Your code shows the ssh id agent number after every instance of a terminal is opened, please tell me how to hide that.
Isn't it only for new instances (when ssh-agent is not running) ?
but, I think you have to redirect the eval to /dev/null
or maybe my prompt is overriding the ouput 🤷
+1 @Optiligence 's answer.
Isn't it only for new instances (when ssh-agent is not running) ? but, I think you have to redirect the eval to /dev/null or maybe my prompt is overriding the ouput shrug
uhhhh, see the thing is I am a beginner and I don't know anything about fish/bash scripting so can you please tell me how am I supposed to fix it?
To remove the agent pid information replace eval (ssh-agent -c)
with eval (ssh-agent -c | head -n2)
@thibault-ketterer would you care create a MR of your snippet into https://github.com/danhper/fish-ssh-agent?
I am astonished, that no solution bothers to cleanup started agents, ie with on of those for security:
trap "kill $SSH_AGENT_PID" exit
trap "ssh-agent -k" exit
See also https://rabexc.org/posts/pitfalls-of-ssh-agents. Ideally the WM has a ssh-agent instance one could use instead of spawning a new one in each terminal.
is it worth it adding ssh-add somewhere in here so you only need to input your passphrase once per session?