tadgy/dotfiles
1
0
Fork 0
Code Releases Wiki Activity Actions

Added improved ssh-agent support.

Browse source
This commit is contained in:
Darren 'Tadgy' Austin 2019-07-01 15:19:05 +01:00
commit ace5e0e8e3
3 changed files with 174 additions and 28 deletions
Download patch file Download diff file Expand all files Collapse all files

27
.bash_logout
View file

@ -1,4 +1,7 @@
if (( $SHLVL == 1 )); then #!/bin/bash - not strictly necessary, but helps nano with syntax highlighting.
# Clear the screen/console on logout.
if (( $SHLVL == 10 )); then
if [ -x /usr/bin/clear_console ]; then if [ -x /usr/bin/clear_console ]; then
/usr/bin/clear_console -q /usr/bin/clear_console -q
elif [ -x /usr/bin/clear ]; then elif [ -x /usr/bin/clear ]; then
@ -9,3 +12,25 @@ if (( $SHLVL == 1 )); then
echo -ne "\E[2J" echo -ne "\E[2J"
fi fi
fi fi
# Remove the SSH_AUTH_SOCK from the agents file.
(( $SHLVL == 1 )) && {
hash ssh-add ssh-agent >/dev/null 2>&1 && [[ ! -z "$SSH_AGENT_PID" ]] && [[ ! -z "$SSH_AUTH_SOCK" ]] && {
exec 9>~/.ssh/agents.lock
if flock -E 10 -w 0.5 9; then
_pop_agent_sock || {
echo -e "$(tput setaf 1 || tput AF 1)Failed to clean up agents file!$(tput op)"
_SLEEP=3
}
else
echo "$(tput setaf 1 || tput AF 1)Failed to obtain lockfile!$(tput op)"
_SLEEP=3
fi
exec 9>&-
ssh-agent -k >/dev/null 2>&1 || {
echo -e "$(tput setaf 1 || tput AF 1)Failed to kill ssh-agent!$(tput op)"
_SLEEP=3
}
sleep ${_SLEEP:-0}
}
}

73
.bash_profile
View file

@ -35,43 +35,62 @@ unset _PLATFORM
[ -d "$HOME/.local/bin" ] && export PATH="$HOME/.local/bin:$PATH" [ -d "$HOME/.local/bin" ] && export PATH="$HOME/.local/bin:$PATH"
[ -d "$HOME/bin" ] && export PATH="$HOME/bin:$PATH" [ -d "$HOME/bin" ] && export PATH="$HOME/bin:$PATH"
# SSH agent. # Make ssh-agent work better.
hash ssh-add ssh-agent >/dev/null 2>&1 && { hash ssh-add ssh-agent >/dev/null 2>&1 && {
if [ ! -z "$SSH_AUTH_SOCK" ]; then if [[ -z "$SSH_AUTH_SOCK" ]]; then
ssh-add -l >/dev/null 2>&1 # Try to find an existing agent socket to connect to.
if (( $? < 2 )); then SSH_AUTH_SOCK="$(_find_agent_sock)"
if ((${PIPESTATUS[0]} == 0)); then
# Found a socket.
export SSH_AUTH_SOCK
echo "Connected to ssh-agent." echo "Connected to ssh-agent."
echo
alias ssh='ssh-add -l >/dev/null 2>&1 && unalias ssh || { ssh-add && unalias ssh; }; ssh' alias ssh='ssh-add -l >/dev/null 2>&1 && unalias ssh || { ssh-add && unalias ssh; }; ssh'
else else
echo -e '$(tput setaf 1 || tput AF 1)Problem connecting to forwarded ssh-agent!$(tput op)' # No viable socket - try to start an agent.
echo eval "$(ssh-agent -s | grep -v 'echo')"
fi ssh-add -l >/dev/null 2>&1
else if (( $? < 2 )); then
. ~/.ssh/agent 2>/dev/null # Agent started - add new socket to the agent sockets file.
ssh-add -l >/dev/null 2>&1 exec 9>~/.ssh/agents.lock
if (( $? < 2 )); then if flock -E 10 -w 0.5 9; then
echo "Connected to ssh-agent." if _push_agent_sock; then
echo echo "Started new ssh-agent."
alias ssh='ssh-add -l >/dev/null 2>&1 && unalias ssh || { ssh-add && unalias ssh; }; ssh' else
else echo "$(tput setaf 1 || tput AF 1)Started new ssh-agent, but failed to register socket!$(tput op)"
if ssh-agent -s | sed -e '/^echo/ d' >~/.ssh/agent; then fi
. ~/.ssh/agent
ssh-add -l >/dev/null 2>&1
if (( $? < 2 )); then
echo "Started new ssh-agent."
echo
alias ssh='ssh-add -l >/dev/null 2>&1 && unalias ssh || { ssh-add && unalias ssh; }; ssh'
else else
echo "$(tput setaf 1 || tput AF 1)Problem connecting to local ssh-agent!$(tput op)" echo "$(tput setaf 1 || tput AF 1)Failed to obtain lockfile!$(tput op)"
echo
fi fi
exec 9>&-
alias ssh='ssh-add -l >/dev/null 2>&1 && unalias ssh || { ssh-add && unalias ssh; }; ssh'
else else
echo "$(tput setaf 1 || tput AF 1)Failed to start local ssh-agent!$(tput op)" echo "$(tput setaf 1 || tput AF 1)Failed to start new ssh-agent!$(tput op)"
echo unset SSH_AGENT_PID SSH_AUTH_SOCK
fi fi
fi fi
else
# Got a forwarded ssh-agent connection.
export SSH_AUTH_SOCK
ssh-add -l >/dev/null 2>&1
if (( $? < 2 )); then
# Agent is connected - add new socket to the agent sockets file.
exec 9>~/.ssh/agents.lock
if flock -E 10 -w 0.5 9; then
if _push_agent_sock; then
echo "Connected to forwarded ssh-agent."
else
echo -e "$(tput setaf 1 || tput AF 1)Failed to register forwarded ssh-agent socket!$(tput op)"
fi
else
echo "$(tput setaf 1 || tput AF 1)Failed to obtain lockfile!$(tput op)"
fi
exec 9>&-
alias ssh='ssh-add -l >/dev/null 2>&1 && unalias ssh || { ssh-add && unalias ssh; }; ssh'
else
echo -e "$(tput setaf 1 || tput AF 1)Problem connecting to forwarded ssh-agent!$(tput op)"
fi
fi fi
echo
} }
# Screen. # Screen.

102
.bashrc
View file

@ -1,3 +1,105 @@
# Functions.
_agent_prompt_command() {
hash ssh-add >/dev/null 2>&1 && {
local SOCK
declare -g _SSH_PROMPT_ERROR_ISSUED
# Check the ssh agent socket is still alive.
ssh-add -l >/dev/null 2>&1
if (($? >= 2)); then
# Auth socket has become unusable, search for a new one.
SOCK="$(_find_agent_sock)"
if ((${PIPESTATUS[0]} == 0)); then
export SSH_AUTH_SOCK="$SOCK"
_SSH_PROMPT_ERROR_ISSUED=0
echo "Connected to alternate ssh-agent - you may need to re-add keys."
else
if [[ -z "$(egrep -v '^$' ~/.ssh/agents)" ]]; then
((${_SSH_PROMPT_ERROR_ISSUED:-0} == 0)) && {
echo "$(tput setaf 1 || tput AF 1)Lost connection to ssh-agent - no alternate available!$(tput op)"
unset SSH_AUTH_SOCK
_SSH_PROMPT_ERROR_ISSUED=1
}
else
((${_SSH_PROMPT_ERROR_ISSUED:-0} == 0)) && {
echo "$(tput setaf 1 || tput AF 1)Lost connection to ssh-agent - failed to connect to new agent!$(tput op)"
unset SSH_AUTH_SOCK
_SSH_PROMPT_ERROR_ISSUED=1
}
fi
fi
else
_SSH_PROMPT_ERROR_ISSUED=0
fi
unset SOCK
}
}
_clean_agent_socks() {
local I SSH_AUTH_SOCK
# Go through the array of sockets and validate each one.
for ((I = 0; I < ${#SOCKS[@]}; I++)); do
SSH_AUTH_SOCK="${SOCKS[$I]}" ssh-add -l >/dev/null 2>&1
(($? >= 2)) && {
unset SOCKS[$I]
}
done
}
_find_agent_sock() {
local I IFS=$'\n' REPLY SOCKS=() SSH_AUTH_SOCK="$SSH_AUTH_SOCK"
# Load the array of sockets, minus the one we know is unusable.
if ((${BASH_VERSINFO[0]} >= 4)); then
mapfile -t SOCKS < <(egrep -v "^$SSH_AUTH_SOCK\$" ~/.ssh/agents 2>/dev/null)
else
while read -r; do
SOCKS+=("$REPLY")
done < <(egrep -v "^$SSH_AUTH_SOCK\$" ~/.ssh/agents 2>/dev/null)
fi
# Search backwards through the list to find an active socket.
for ((I = (${#SOCKS[@]} - 1); I >= 0; I--)); do
SSH_AUTH_SOCK="${SOCKS[$I]}" ssh-add -l >/dev/null 2>&1
(($? <= 1)) && [[ ! -z "${SOCKS[$I]}" ]] && {
printf "%s" "${SOCKS[$I]}"
return 0
}
done
return 1
}
_pop_agent_sock() {
local IFS=$'\n' REPLY SOCKS=()
# Read the current list of auth sockets.
if ((${BASH_VERSINFO[0]} >= 4)); then
mapfile -t SOCKS < <(egrep -v "^$SSH_AUTH_SOCK\$" ~/.ssh/agents 2>/dev/null)
else
while read -r; do
SOCKS+=("$REPLY")
done < <(egrep -v "^$SSH_AUTH_SOCK\$" ~/.ssh/agents 2>/dev/null)
fi
# Clean up any dead sockets - this modifies the SOCKS array.
_clean_agent_socks
# Write the new list back to disk.
printf "%s\n" "${SOCKS[@]}" >~/.ssh/agents
return $?
}
_push_agent_sock() {
local IFS=$'\n' REPLY SOCKS=()
# Read the current list of auth sockets.
if ((${BASH_VERSINFO[0]} >= 4)); then
mapfile -t SOCKS <~/.ssh/agents
else
while read -r; do
SOCKS+=("$REPLY")
done <~/.ssh/agents
fi
# Clean up any dead sockets - this modifies the SOCKS array.
_clean_agent_socks
# Write the new list back to disk.
printf "%s\n" "${SOCKS[@]}" "$SSH_AUTH_SOCK" >~/.ssh/agents
return $?
}
# Make bash a little more pleasent - these are valid for all versions. # Make bash a little more pleasent - these are valid for all versions.
shopt -s cdspell checkhash checkwinsize cmdhist histappend no_empty_cmd_completion shopt -s cdspell checkhash checkwinsize cmdhist histappend no_empty_cmd_completion