Fix for OS X sshAgent
OK, I didn't check enough things and now I have it much better in hand. When you start a new terminal session on OS X, the code I had for starting ssh-agent would restart a new copy each time a new terminal session was started. This is not what I wanted, so I needed to be a little bit more careful on what was being done.
I needed to clean up the initial test on the existence of the running ssh-agent and I also needed to clean up the .tcshrc and .login files to make them work better when starting new terminal sessions.
My ${HOME}/bin/sshAgent script now looks like this:
#!/bin/tcsh
##
# Start SSH Key Agent
##
if (`where ssh-agent` != "") then
#
# See if there's already a running copy of ssh-agent
#
set proc=`ps -aux | grep 'ssh-agent' | grep -v grep`
if ($%proc >= 10) then
set pid=`echo "${proc}" | awk '{ print $2 }'`
kill ${pid}
endif
#
# ...and make sure to unset the variable for the PID of the agent
#
if ($?SSH_AGENT_PID) then
unsetenv SSH_AGENT_PID
endif
#
# Now see if we have the socket connection already defined as well
#
if ($?SSH_AUTH_SOCK) then
if (! -S "${SSH_AUTH_SOCK}") then
unsetenv SSH_AUTH_SOCK
endif
endif
#
# This is the file location that will hold the environment-setting
# commands for all subsequent shells based on the results of running
# ssh-agent for the first time.
#
setenv SSH_AGENT_STATE "/tmp/.ssh-agent-state.${user}"
#
# If it's still there, it's got old data and needs to be wiped out
#
if (-f "${SSH_AGENT_STATE}") then
rm -f "${SSH_AGENT_STATE}"
endif
#
# If we're all clean, then we need to start up a new instance, and
# save the environment settings in the proper file for later
# invocation by other shells.
#
if (! $?SSH_AGENT_PID && ! $?SSH_AUTH_SOCK && ! -f "${SSH_AGENT_STATE}") then
ssh-agent | grep -v '^echo ' >"${SSH_AGENT_STATE}"
source "${SSH_AGENT_STATE}"
endif
endif
And my .tcshrc starts off with:
#!/bin/tcsh
if (-f /tmp/.ssh-agent-state.${user}) then
source /tmp/.ssh-agent-state.${user}
endif
And finally, my .login has the following at the end:
#
# Now get the SSH-Agent up and working on this box so I can get into
# the machines at home where the keys are set up to match.
#
if ( $?SSH_AUTH_SOCK == "0" ) then
${HOME}/bin/sshAgent
source /tmp/.ssh-agent-state.${user}
endif
The important points are these:
- the sshAgent script gets the process info once so that it's not as much of a drain on the system. Also, it now does it correctly so that we don't get errors on the if statement.
- the .login doesn't start the sshAgentunless it hasn't already been started. This is important as it keeps the number of instances to 1 for all terminal windows under OS X.
- the .tcshrc now doesn't fail if there is no ssh-agent running. Previously, if there was none, you'd get an error trying to source a non-existent file.
These changes make it a lot nicer and though I thought I had tested it before, I've beaten the crud out of it now, and I'm happy with the results. There are probably some improvements to be made, but for now, this is a lot better than it was - because it works right.