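#!/bin/sh
#-----------------------------------------------------------------------
# Starting ssh-agent when logging in
#-----------------------------------------------------------------------
# $Id: ssh-login,v 1.4 2002/08/06 17:57:54 jochen Exp jochen $
#-----------------------------------------------------------------------
# This works when you use a bourne shell compatible shell. Add the
# following snippet into your .bashrc, .kshrc or .zshrc depending
# on your login shell. I've tested it with bash.
#-----------------------------------------------------------------------
# if [ -f "$HOME/scripts/ssh-login" ]; then
#     . "$HOME/scripts/ssh-login"
# fi
#-----------------------------------------------------------------------
# Security notes:
#  * The PID file is executed with "." by every login shell, so it is
#    code, not data. It is created with mode 600 and must stay writable
#    by the owner only.
#  * Values written to the PID file are single-quoted so that a crafted
#    SSH_AUTH_SOCK cannot turn into commands when the file is sourced.
#-----------------------------------------------------------------------

#-----------------------------------------------------------------------
# Per-host file holding the "VAR=value; export VAR" lines for the agent.
pidfile="$HOME/.ssh/agent.pid.`hostname`"
# Key handed to ssh-add. NOTE(review): recent OpenSSH releases no longer
# accept DSA keys; point this at the key type actually in use.
identity="$HOME/.ssh/id_dsa"
#-----------------------------------------------------------------------

#-----------------------------------------------------------------------
# debug MESSAGE...
# No-op by default; uncomment the echo to trace the script.
debug()
{
    :
    #echo "$*"
}

#-----------------------------------------------------------------------
# is_ssh_agent PID
# Returns 0 when PID names a running process called "ssh-agent",
# 1 otherwise (including an empty or non-numeric PID).
#
# The PID comes from the environment or from the PID file, so it is
# checked to be all digits before it is used in a /proc path or a grep
# pattern. The name check only shows that some process with that PID is
# called ssh-agent; it does not prove the agent is reachable.
is_ssh_agent()
{
    debug "function is_ssh_agent entered"

    # reject empty values and anything that is not a plain number
    case "$1" in
        ''|*[!0-9]*)
            debug "PID $1 is invalid"
            return 1
            ;;
    esac

    # Linux /proc style
    if [ -f "/proc/$1/cmdline" ]
    then
        # backticks are more portable than $( / $)
        # which don't work with Solaris /sbin/sh
        cmdline=`tr -d '\000' < "/proc/$1/cmdline"`
        # X in front of string comparisons to avoid
        # [: argument expected
        # (matches only an agent started as plain "ssh-agent", which is
        # how ssh_login starts it)
        if [ ! X"ssh-agent" = X"$cmdline" ]
        then
            debug "PID $1 is no ssh-agent"
            return 1
        fi
    # Solaris and AIX /proc style
    elif [ -f "/proc/$1/psinfo" ]
    then
        cmdline=`strings "/proc/$1/psinfo" | head -1`
        if [ ! X"ssh-agent" = X"$cmdline" ]
        then
            debug "PID $1 is no ssh-agent"
            return 1
        fi
    # no /proc at all, e.g. HP-SUX
    # after all, only ps is portable, and even that is a lie :-(
    else
        psline=`ps -e | grep "^ *$1 " | grep ssh-agent`
        if [ -z "$psline" ]
        then
            debug "PID $1 is invalid"
            return 1
        fi
    fi
    return 0
}

#-----------------------------------------------------------------------
# maybe_save_pid
# Records the agent from the current environment (SSH_AGENT_PID,
# SSH_AUTH_SOCK) in $pidfile when the file is missing or names another
# PID. The environment of the calling shell is left untouched.
maybe_save_pid()
{
    debug "function maybe_save_pid entered"
    debug "SSH_AGENT_PID is $SSH_AGENT_PID"
    WORK_SSH_AGENT_PID=$SSH_AGENT_PID
    WORK_SSH_AUTH_SOCK=$SSH_AUTH_SOCK

    # Read the saved PID in a subshell: sourcing the file in this shell
    # would replace (or, with no file, unset) the variables of the agent
    # that was just found to be alive.
    saved_pid=
    if [ -f "$pidfile" ]; then
        saved_pid=`unset SSH_AGENT_PID; . "$pidfile" > /dev/null; printf '%s' "$SSH_AGENT_PID"`
        debug "saved SSH_AGENT_PID is $saved_pid"
    fi

    if [ ! x"$WORK_SSH_AGENT_PID" = x"$saved_pid" ]; then
        # The values are written inside single quotes; a value that
        # itself contains a single quote cannot be stored safely.
        case "$WORK_SSH_AGENT_PID$WORK_SSH_AUTH_SOCK" in
            *"'"*)
                debug "not saving agent settings containing a quote"
                return 0
                ;;
        esac
        debug "Saving new SSH_AGENT_PID $WORK_SSH_AGENT_PID"
        (
            # the file is sourced later, keep it private to the owner
            umask 077
            printf '%s\n' "SSH_AGENT_PID='$WORK_SSH_AGENT_PID' ; export SSH_AGENT_PID" > "$pidfile" &&
            printf '%s\n' "SSH_AUTH_SOCK='$WORK_SSH_AUTH_SOCK' ; export SSH_AUTH_SOCK" >> "$pidfile" &&
            chmod 600 "$pidfile"
        )
    fi
}

#-----------------------------------------------------------------------
# load_keys
# Adds $identity to the agent: prompts on the terminal when there is
# one, otherwise through ssh-askpass when an X display is available.
# Without a terminal or display nothing is loaded.
load_keys()
{
    if tty -s; then
        # Enter passphrase for your key
        debug "adding keys to agent"
        ssh-add "$identity"
    elif [ -n "$DISPLAY" ]; then
        debug "adding keys to agent"
        # pass SSH_ASKPASS in ssh-add's environment; a plain assignment
        # is not exported and would never reach ssh-add
        SSH_ASKPASS=/usr/bin/ssh-askpass ssh-add "$identity"
    fi
}

#-----------------------------------------------------------------------
# ssh_login
# Reuses a forwarded agent, the agent of the current environment or the
# one recorded in $pidfile, in that order; starts a new agent only when
# none of them is usable.
ssh_login()
{
    #-------------------------------------------------------------------
    # If we are logging in via ssh and have agent forwarding on
    if [ -n "$SSH_CLIENT" ] && [ -n "$SSH_AUTH_SOCK" ]; then
        debug "SSH_CLIENT is set and agent forwarding on, no agent needed"
        return
    fi

    #-------------------------------------------------------------------
    # Check old agent PID
    if is_ssh_agent "$SSH_AGENT_PID"; then
        maybe_save_pid
        return
    fi

    #-------------------------------------------------------------------
    # Read PID-file when there is one
    if [ -f "$pidfile" ]; then
        debug "Reading PID-File »${pidfile}«"
        . "$pidfile" > /dev/null
        debug "Values are: SSH_AGENT_PID=$SSH_AGENT_PID, SSH_AUTH_SOCK=$SSH_AUTH_SOCK"
    fi

    # is the PID-file valid?
    if is_ssh_agent "$SSH_AGENT_PID"; then
        ssh-add -l > /dev/null || load_keys
        return
    fi

    debug "Starting ssh-agent, writing to $pidfile"
    # create the file owner-only; it is sourced right below and by
    # every later login
    if ( umask 077; ssh-agent > "$pidfile" && chmod 600 "$pidfile" ); then
        . "$pidfile" > /dev/null
        load_keys
    else
        debug "ssh-agent could not be started"
        return 1
    fi
}

#-----------------------------------------------------------------------
# With noclobber set the "> $pidfile" redirections would fail on an
# existing file, so it is switched off around ssh_login.
case "$-" in
    *C*)
        # noclobber is set
        set +o noclobber
        ssh_login
        set -o noclobber
        ;;
    *)
        ssh_login
        ;;
esac
#-----------------------------------------------------------------------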