Without any options, the documentation says:

To list the agents run

ssh_find_agent

Which isn't correct. It does set one of them, rather than listing them.

At first thanks for this great helper script, it's exactly a time saver for me to set the ssh-agent environment variable automatically.

However, I noticed that it will cost about 3 seconds on my VPS, is there any way to reduce this start time? Instead of a noticeable 3 seconds, 0.5-1 second would be smoother.

Would it be possible to start a new ssh-agent and add the existing agents to it automatically?

this says usage instead of sfa_usage which causes some old invocations to fail somewhat silently

If CDPATH is set, cd prints where it went to stdout

If I run on zsh with the current master I get a failure:

fingerprints:3: bad pattern: #

I think this can be fixed by escaping the hash in the pattern here. That is

-        [[ -n $l && ${l###} = $l ]] && ssh-keygen -l -f /dev/stdin <<<$l
+        [[ -n $l && ${l##\#} = $l ]] && ssh-keygen -l -f /dev/stdin <<<$l

I've checked that this change still produces the correct behaviour in the test on both bash and zsh, but I haven't done anything more extensive.

Dead sockets should be removed to prevent the /tmp folder from filling up with clutter

Since most linux systems symlin /usr/bin/sh->bash, I recommend using underscore in replacement of hyphens in the function name. Otherwise you will get the error

`ssh-find-agent': not a valid identifier

libpam-tmpdir sets "more secure" per-user TMP/TMPDIRs

However, it turns out, ssh-agent does not properly honour TMPDIR
https://www.mail-archive.com/[email protected]/msg05602.html

I ran into this today, ssh-agent was happily still dumping its sockets in /tmp/ which TMPDIR was defined elsewhere, and ssh-find-agent could no longer find anything.

Hello,

This doesnt work in Mavericks OSX. Is there something that needs to be changed..

Hi!
First of all, great and useful piece of work!
I'm seeing that in case you have multiple users with multiple agents running (my case) the script does not work, I guess because it tries to connect with sockets it has no permissions on.
Any quick fix?
Thanks!!

Xavi.

ssh-find-agent is 50% of my shell startup time

Clearly a lot of time is spent at
https://github.com/wwalker/ssh-find-agent/blob/master/ssh-find-agent.sh#L76-L84

Where find is called multiple times against multiple paths.

I think we can do better:

1. Use the -o syntax of find, https://superuser.com/questions/1494617/what-is-the-o-argument-in-find-command
2. Potentially adjust the existing find calls to do away with the post-grep (although you can instead combine the grep into a single one)

I'm going to look into how this works, but find is black magic and difficult, so I'm stating my intention here.

Just a polite enquiry about the Travis integration - back in 2317f2e some tests and a Travis build were added - since then it looks like the Travis repo has gone: https://travis-ci.org/wwalker/ssh-find-agent = "We couldn't find the repository wwalker/ssh-find-agent".

I suspect it is a bash version issue.

$ eval "$(ssh-find-agent)"
-bash: syntax error near unexpected token `RSA'
$ printf "<%s>\n" "$(ssh-find-agent)"
<export SSH_AUTH_SOCK=/tmp/ssh-uJ7Ualz2Tu/agent.28347   #1)     wwalker@polonium (RSA)
waywalke@polonium (RSA)   >
$ bash --version
GNU bash, version 4.2.46(2)-release (x86_64-koji-linux-gnu)
Copyright (C) 2011 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>

This is free software; you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
$

Hi there,

Under macOs 10.14.6, the following is places/examples of ssh-agent listening:

The "stock" macOS ssh-agent listening under launchd:

/private/tmp/com.apple.launchd.{RandomString}/Listeners

The HomeBrew OpenSSH:

/var/folders/4q/{Random-string}/T//ssh-{randomg-string}/agent.{PID}

This is compared to /tmp that points to private/tmp thus this script doesn't match any thing for macOs 10.14.6 ;(

Hi

Your script uses the file ".ssh/authorized_keys", but you don't verify before if this file exists (in my case, there was no)

ssh-add -l on RHEL 7 and its derivatives, returns 141 instead of zero when talking to a modern forwarded ssh-agent because the modern agent doesn't respond to queries for Protocol 1 keys. And it writes an error to stderr.

First of all: Thanks for this nice little helper script :) I've been using it for a while and it does exactly what I need it to do (up until now).

I'm seing a bit of a weird behaviour when using the ssh-find-agent -a option when I have dead sockets. I'm experiencing this in WSL2 (Ubuntu2204 on Win11). I guess WSL2 isn't cleaning up sockets as nicely as it should for some reason.

This is what I get when there is an existing dead socket when I start WSL2:

socket (/tmp/ssh-XXXXXXCaNwA7/agent.6220) is dead, removing it.
Error connecting to agent: No such file or directory
$ env | grep SSH
SSH_AUTH_SOCK=rm -rf /tmp/ssh-XXXXXXCaNwA7
SSH_AGENT_PID=1

I've traced this to the "echo" of the rm command here:
https://github.com/wwalker/ssh-find-agent/blob/master/ssh-find-agent.sh#L92

It is assumed that the last line of the sfa_print_choose_menu output is a socket here:
https://github.com/wwalker/ssh-find-agent/blob/master/ssh-find-agent.sh#L187

Since the function echos the rm, it is assumed to be the agent.

I believe that the fix here is to change from echo to sfa_debug. Does that sound about right?

Implement ssh-find-agent -l to list all running, communicating agents.

Older versions of ssh-find-agent would output a list of the running agents if ssh-find-agent was run with no options.

There were 4 dead sockets and 1 live socket (which had 3 keys).

I ran ssh-find-agent -a; then, there were 4 dead sockets and 1 live socket (which had 3 keys).

However, it chose one of the sockets that it "cleaned up" rather than a live socket.

Hi! Some issues in the past where the script fails in zsh environment is because of the usage of word splitting, e.g. for i in $lines, which is disabled by default in zsh. So we might be able to document the behavior, by simply adding a line emulate ksh -c '. ssh-find-agent.sh' in the README.

The alternative to this is to check on $SHELL or $ZSH_VERSION for zsh users, and set setopt word_splitting explicitly, and that would require code changes, and proper handling of unsetting the option.

What do you think? Recommend just the docs change.

A representation of stdin as /dev/stdin doesn't exist in AIX.

@$ ssh-find-agent
export SSH_AUTH_SOCK=/tmp/ssh-rD6vrogm86Tj/agent.6340 #1) /Users/snappy/.ssh/malehman.pem (RSA)