10

When I'm running Gnome, ssh-agent will run ssh-add upon slogin/ssh if the identity is not loaded. I want to mimic this behavior on remote shells, but everything I find suggests running ssh-add upon login. I only want to run ssh-add if I subsequently run slogin/ssh on the remote shell, not every time I log in.

Pete Ashdown
  • 3,230

4 Answers

9

I worked out a solution for this via the bash shell.

Add to .bashrc:

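check-ssh-add() {
  # Skip when a desktop session is running
  if [ -z "$DESKTOP_SESSION" ]; then
    # Add the key only if the agent lists no id_rsa/id_dsa identity
    if [[ $(ssh-add -l) != *id_?sa* ]]; then
      ssh-add -t 5h  ## 5 hour ssh-agent expiration
    fi
  fi
}

# Wrappers: check the agent first, then run the real binary.
# "$@" is quoted so arguments containing spaces are passed through intact.
slogin() {
  check-ssh-add
  /usr/bin/slogin "$@"
}

ssh() {
  check-ssh-add
  /usr/bin/ssh "$@"
}

scp() {
  check-ssh-add
  /usr/bin/scp "$@"
}

sftp() {
  check-ssh-add
  /usr/bin/sftp "$@"
}

Pete Ashdown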
  • 3,230
7

There's actually an even simpler way. ssh-add -l returns true (0) if there are keys and false (1) otherwise, so your first function can be replaced with this:

check-ssh-add() {
  if ! ssh-add -l >/dev/null; then
    ssh-add -t 5h
  fi
}

 

Relsqui
  • 71
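
The exit-status check from the two answers above, as an added example that is not part of either answer: `ssh-add -l` also exits with 2 when no agent can be contacted, so this version handles that case separately instead of calling `ssh-add` anyway. `SSH_ADD_BIN`, `KEY_LIFETIME`, `agent_state` and `check_ssh_add` are hypothetical names introduced for this example.

```bash
# Added example for ~/.bashrc (not from the answers). SSH_ADD_BIN and
# KEY_LIFETIME are hypothetical knobs; SSH_ADD_BIN lets a stub replace ssh-add.
SSH_ADD_BIN=${SSH_ADD_BIN:-ssh-add}
KEY_LIFETIME=${KEY_LIFETIME:-5h}

# Translate the exit status of `ssh-add -l` into a state name:
#   0 = the agent holds at least one identity
#   1 = the agent is reachable but holds no identities
#   2 = no agent could be contacted (e.g. SSH_AUTH_SOCK unset or stale)
agent_state() {
  _rc=0
  "$SSH_ADD_BIN" -l >/dev/null 2>&1 || _rc=$?
  case $_rc in
    0) echo loaded ;;
    1) echo empty ;;
    *) echo unreachable ;;
  esac
}

# Load the default key with a lifetime only when the agent is reachable and
# empty. With no agent, say so rather than calling ssh-add, which would fail.
check_ssh_add() {
  case $(agent_state) in
    loaded) return 0 ;;
    empty)  "$SSH_ADD_BIN" -t "$KEY_LIFETIME" ;;
    *)      echo "check_ssh_add: no ssh-agent reachable; key not cached" >&2
            return 2 ;;
  esac
}

# Wrap the client commands. `command` bypasses the function of the same name
# without hard-coding /usr/bin, and "$@" keeps each argument intact.
# A failed check does not block the connection; ssh then prompts as usual.
ssh()    { check_ssh_add || :; command ssh "$@"; }
slogin() { check_ssh_add || :; command slogin "$@"; }
scp()    { check_ssh_add || :; command scp "$@"; }
sftp()   { check_ssh_add || :; command sftp "$@"; }
```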
1

Newer versions of OpenSSH can add the key to the agent on first use, if you enable AddKeysToAgent yes in your ~/.ssh/config.

(I've learned this from https://superuser.com/a/1114257/42546. I'm not sure what the proper StackOverflow etiquette is for copying answers across various StackExchange sites.)

1

Even simpler: in the «this is an interactive session» part, add

ssh-add -l &> /dev/null || ssh-add ~/.ssh/my_id