70

I have set up automatic (passwordless) ssh login to some servers using ssh-copy-id. ssh-agent works only from the terminal where it was run. How do I get ssh-add to work in all my terminals?

Naturally, I would prefer not to use an SSH key without a passphrase.

Gowtham
  • 2,081

3 Answers

62

If you're logging into a graphical session, arrange to start ssh-agent during your session startup. Some distributions already do that for you. If yours doesn't, arrange to run ssh-agent from your session startup script or from your window manager. How you do that depends on your desktop environment and your window manager. For example, if you start your window manager manually, simply replace the call to my_favorite_wm by ssh-agent my_favorite_wm.

Do not start ssh-agent from .bashrc or .zshrc, since these files are executed by each new interactive shell. The place to start ssh-agent is in a session startup file such as .profile or .xsession.

If you want to use the same SSH agent on all processes no matter where you logged in from, you can make it always use the same socket name, instead of using a randomly-named socket. For example, you might put this in your ~/.profile:

export SSH_AUTH_SOCK=~/.ssh/ssh-agent.$HOSTNAME.sock
ssh-add -l 2>/dev/null >/dev/null
if [ $? -ge 2 ]; then
  ssh-agent -a "$SSH_AUTH_SOCK" >/dev/null
fi
tshepang
  • 65,642
  • 5
    FYI, the reason it checks for $? -ge 2 is because exit code 1 is when the ssh-agent has no keys, but ssh-agent is already running. – wisbucky Aug 09 '19 at 23:00
  • Note that some desktop environments (e.g. Ubuntu Mate) may automatically run ssh-agent for you but you have to run ssh-add without parameters to add private keys into your keyring. For example, when you first connect to remote machine that contains private keys, you have to run ssh-add on the remote machine to get the keys into your client machine keyring. – Mikko Rantalainen Mar 21 '20 at 09:51
  • 1
    I am curious, when it's possible to set this up in a few lines of a shell script, what is the purpose of keychain, ssh-ident or other projects. – Pavel Šimerda Apr 12 '20 at 10:29
  • 1
    FYI, if you have a .bashrc file, you have to put these lines instead of .profile (see head ~/.profile for explanations) – Asenar Nov 10 '20 at 10:01
  • 2
    @Asenar No. .profile is the right file for what runs at login time. .bashrc runs every time you open a terminal. See https://superuser.com/questions/183870/difference-between-bashrc-and-bash-profile – Gilles 'SO- stop being evil' Nov 10 '20 at 10:50
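
A hardened variant of the fixed-socket approach from the answer above, as an added example that is not the answer author's code: it refuses a socket directory that other accounts can enter and clears a stale socket left by a dead agent before starting a new one. The function name `ensure_agent`, the `AGENT_STATE` variable and the `SSH_ADD`/`SSH_AGENT` override variables are hypothetical names introduced here.

```shell
# Added example: hardened variant of the fixed-socket ~/.profile snippet.
# SSH_ADD / SSH_AGENT are hypothetical override hooks (handy for testing);
# by default the real OpenSSH binaries on PATH are used.
SSH_ADD=${SSH_ADD:-ssh-add}
SSH_AGENT=${SSH_AGENT:-ssh-agent}

# ensure_agent SOCKET_PATH
# Sets AGENT_STATE to reused | started | unsafe-dir | blocked | failed.
ensure_agent() {
  sock=$1
  dir=$(dirname "$sock")

  # A predictable socket name is only safe in a directory that no other
  # account can enter: require owner-only permissions (e.g. 0700 ~/.ssh).
  perms=$(ls -ld "$dir" 2>/dev/null | cut -c5-10)
  if [ "$perms" != "------" ]; then
    AGENT_STATE=unsafe-dir
    return 1
  fi

  SSH_AUTH_SOCK=$sock
  export SSH_AUTH_SOCK

  # ssh-add -l: 0 = keys loaded, 1 = agent up but empty, 2 = no agent.
  rc=0
  "$SSH_ADD" -l >/dev/null 2>&1 || rc=$?
  if [ "$rc" -lt 2 ]; then
    AGENT_STATE=reused
    return 0
  fi

  # A dead agent leaves its socket behind and ssh-agent -a will not bind
  # over an existing path, so remove it, but only if it really is a socket.
  if [ -S "$sock" ]; then
    rm -f "$sock"
  elif [ -e "$sock" ]; then
    AGENT_STATE=blocked
    return 1
  fi

  if "$SSH_AGENT" -a "$sock" >/dev/null; then
    AGENT_STATE=started
  else
    AGENT_STATE=failed
    return 1
  fi
}

# In ~/.profile:  ensure_agent "$HOME/.ssh/ssh-agent.$(hostname).sock"
```

The usage line calls `hostname` rather than reading `$HOSTNAME` because that variable is set by bash but not by every sh that may read ~/.profile.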
12

You probably want a program such as Keychain, which was designed for this exact purpose. From the man page:

DESCRIPTION
   keychain is a manager for ssh-agent, typically run from ~/.bash_profile.
   It allows your shells and cron jobs to share a single ssh-agent process.
snapshoe
  • 221
  • really like this one! – Colin D May 11 '17 at 14:45
  • Great! thank you. Works perfectly. – Somebody May 07 '19 at 16:22
  • this works great, after downloading the compressed file from Github, make sure you add the complete path of uncompressed keychain-2.8.5 directory to your ~/.bash_profile export PATH=$PATH: line – Kevin Zhao Aug 16 '19 at 23:57
  • 1
    What is the advantage of keychain over the accepted answer? – Pavel Šimerda Apr 12 '20 at 10:31
  • 1
    @PavelŠimerda Interestingly, I found this question when trying to figure out how to accomplish this without keychain, as I've been using it for (literally) decades now. I'm answering another Super User question and wanted to provide the basic ssh-agent instructions. That said, I think keychain is great for (at least) several reasons, at least for my workflow preferences. (1) It's a single command that consolidates ssh-agent and ssh-add into a one-liner and "just works". (2) One-liners keep my profile "cleaner". (3) It outputs fish shell syntax (my preferred shell). – NotTheDr01ds Jan 18 '22 at 22:28
  • 1
    @NotTheDr01ds, keychain also supports gpg, which is also great – trallnag Jun 20 '22 at 19:08
  • @JellyFilledNuts Great point, but you'll probably want to tag Pavel for notification since that's who was asking what the advantages are ;-) – NotTheDr01ds Jun 20 '22 at 19:10
4

Apply it to your desktop environment or window manager. When I've done this manually in the past with a custom ~/.Xclients, I just used this as the last line:

ssh-agent mywindowmanager

There might be some DEs that have their own setup options for this, although it appears to me that (e.g.) KDE does not. Currently, it seems that mine was run via code from /etc/X11/xinit/xinitrc-common (presumably something done by Fedora), since it is active for all users regardless of DE/WM and the parent process command is $HOME/.Xclients, but that file does not reference ssh-agent (whereas /etc/X11/xinit/xinitrc-common does).

If you don't have a ~/.Xclients, you could create one with just that one line, but you will need to know the command that starts your DE/WM.

goldilocks
  • 87,661
  • 30
  • 204
  • 262