dotfiles/setup-ssh-agent at main · jpschewe/dotfiles · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
#!/bin/sh
# Hey EMACS, this should be in -*- sh -*- mode
#
# This starts ssh-agent in a predictable location if it's not already configured
# The location is ${HOME}/.ssh/agents/${HOSTNAME}
#
# To use this script you must source it so that the environment variable SSH_AUTH_SOCK can be set
# This is best done from your bashrc
#  if [ -e "${HOME}"/.ssh/setup-ssh-agent ]; then
#    source "${HOME}"/.ssh/setup-ssh-agent
#  fi

debug() { ! "${log_debug-false}" || log "DEBUG: $*" >&2; }
log() { printf '%s\n' "$*"; }
warn() { log "WARNING: $*" >&2; }
error() { log "ERROR: $*" >&2; }
try() { "$@" || error "'$@' failed"; }

# Canonicalize hostname to just the short name
if [ -z "${HOSTNAME}" ]; then
    HOSTNAME=$(hostname)
fi
HOSTNAME=$(echo ${HOSTNAME} | sed 's/\..*//')

SOCKET_FILENAME="${HOME}"/.ssh/agents/${HOSTNAME}

# start agent if instructed to
start_agent() {
    if [ -e "${HOME}/.ssh/.start-ssh-agent" ]; then
        debug "Starting agent with ${SOCKET_FILENAME}"
        # remove any existing socket that might be left over
        try rm -f "${SOCKET_FILENAME}"

        try ssh-agent -a "${SOCKET_FILENAME}" > /dev/null 2>&1
        SSH_AUTH_SOCK="${SOCKET_FILENAME}"
        export SSH_AUTH_SOCK
        debug "agent started"
    else
        debug "Agent not started due to user request"
    fi
}

if [ -z "${SSH_AUTH_SOCK}" ]; then
    debug "No socket variable defined"
    if [ -e "${SOCKET_FILENAME}" ]; then
        debug "Attempting to use existing socket at '${SOCKET_FILENAME}'"
        SSH_AUTH_SOCK="${SOCKET_FILENAME}"
        export SSH_AUTH_SOCK
    fi
fi

# check if SOCKET_FILENAME is valid, if so use it
# this assumes that the oldest valid socket is the one to keep
if [ -e "${SOCKET_FILENAME}" -a -n "${SSH_AUTH_SOCK}" ]; then
    debug "Saving ${SSH_AUTH_SOCK} while testing ${SOCKET_FILENAME}"
    ORIG_SSH_AUTH_SOCK=${SSH_AUTH_SOCK}
    export ORIG_SSH_AUTH_SOCK

    debug "Attempting to use existing socket at '${SOCKET_FILENAME}'"
    SSH_AUTH_SOCK="${SOCKET_FILENAME}"
    export SSH_AUTH_SOCK

    # check if the socket is valid
    output=$(timeout 2s ssh-add -l 2>&1)
    ssh_add_status=$?
    debug "ssh-add status ${ssh_add_status}"
    debug "ssh-add output '${output}'"
    if [ ${ssh_add_status} -eq 0 -o "${output#The agent has no identities}" != "${output}" ]; then
        debug "Valid SSH socket at '${SSH_AUTH_SOCK}'"
    else
        debug "Socket at '${SSH_AUTH_SOCK}' is not valid using '${ORIG_SSH_AUTH_SOCK}'"
        SSH_AUTH_SOCK=${ORIG_SSH_AUTH_SOCK}
        export SSH_AUTH_SOCK
    fi
fi

if [ -z "${SSH_AUTH_SOCK}" -a -n "${ORIG_SSH_AUTH_SOCK}" ]; then
    SSH_AUTH_SOCK=${ORIG_SSH_AUTH_SOCK}
    export SSH_AUTH_SOCK
fi

# ensure the directory exists
if [ ! -d "${HOME}"/.ssh/agents ]; then
    try mkdir -p "${HOME}"/.ssh/agents
    chmod go-rwx "${HOME}"/.ssh
fi

if [ -n "${SSH_AUTH_SOCK}" ]; then
    debug "Socket variable is defined as ${SSH_AUTH_SOCK}"

    # check if the socket is valid
    output=$(timeout 2s ssh-add -l 2>&1)
    ssh_add_status=$?
    debug "ssh-add status ${ssh_add_status}"
    debug "ssh-add output '${output}'"
    if [ ${ssh_add_status} -eq 0 -o "${output#The agent has no identities}" != "${output}" ]; then
        debug "Valid SSH socket at '${SSH_AUTH_SOCK}'"

        if [ "${SSH_AUTH_SOCK}" != "${SOCKET_FILENAME}" ]; then
            debug "Valid socket is not in the expected location, setting symlink and environment variable"
            ln -sf "${SSH_AUTH_SOCK}" "${SOCKET_FILENAME}"
            SSH_AUTH_SOCK="${SOCKET_FILENAME}"
            export SSH_AUTH_SOCK
        fi
    elif [ -n "${ORIG_AUTH_SOCK}" ]; then
        debug "${SSH_AUTH_SOCK} is invalid trying ${ORIG_AUTH_SOCK}"
        SSH_AUTH_SOCK=${ORIG_SSH_AUTH_SOCK}
        export SSH_AUTH_SOCK
        output=$(timeout 2s ssh-add -l 2>&1)
        ssh_add_status=$?
        debug "ssh-add status ${ssh_add_status}"
        debug "ssh-add output '${output}'"
        if [ ${ssh_add_status} -eq 0 -o "${output#The agent has no identities}" != "${output}" ]; then
            debug "Valid SSH socket at '${SSH_AUTH_SOCK}'"
        else
            debug "Invalid SSH socket at '${SSH_AUTH_SOCK}', clearing"
            unset SSH_AUTH_SOCK
            unset ORIG_SSH_AUTH_SOCK
            start_agent
        fi
    else
        debug "Invalid SSH socket at '${SSH_AUTH_SOCK}', clearing"
        unset SSH_AUTH_SOCK
        start_agent
    fi
else
    debug "No socket defined, starting agent"
    start_agent
fi

# cleanup
unset SOCKET_FILENAME