Switched back to SSH agent.

Until it is possible to unlock the agent on startup (if not already unlocked) then the prompt will trigger the pinentry program and causes all sorts of issues.
davidtwco · Dec 26, 2017 · 6c77ea0 · 6c77ea0
1 parent 9f15898
commit 6c77ea0
Show file tree

Hide file tree

Showing 3 changed files with 56 additions and 14 deletions.
diff --git a/.bashrc b/.bashrc
@@ -86,19 +86,39 @@ if [ -f ~/.aliases ]; then
 fi
 # }}}
 
+# SSH Agent {{{
+# =========
+env=~/.ssh/agent.env
+
+agent_load_env () { test -f "$env" && . "$env" >| /dev/null ; }
+
+agent_start () {
+    (umask 077; ssh-agent >| "$env")
+    . "$env" >| /dev/null ;
+}
+
+agent_load_env
+
+# agent_run_state: 0=agent running w/ key; 1=agent w/o key; 2= agent not running
+agent_run_state=$(ssh-add -l >| /dev/null 2>&1; echo $?)
+
+if [ ! "$SSH_AUTH_SOCK" ] || [ $agent_run_state = 2 ]; then
+    agent_start
+    ssh-add
+elif [ "$SSH_AUTH_SOCK" ] && [ $agent_run_state = 1 ]; then
+    ssh-add
+fi
+
+unset env
+# }}}
+
 # GPG Agent {{{
 # =========
 export GPG_TTY=$(tty)
-export SSH_AUTH_SOCK="$HOME/.gnupg/S.gpg-agent.ssh"
 if _has gpg-agent; then
     eval "$(gpgconf --launch gpg-agent)"
     echo UPDATESTARTUPTTY | gpg-connect-agent
 fi
-
-# If the SSH agent is running then add any keys.
-if [ "$SSH_AUTH_SOCK" ] && [ $(ssh-add -l >| /dev/null 2>&1; echo $?) = 1 ]; then
-    ssh-add
-fi
 # }}}
 
 # Environment Variables {{{

diff --git a/.gnupg/gpg-agent.conf b/.gnupg/gpg-agent.conf
@@ -10,8 +10,10 @@ max-cache-ttl 7200
 default-cache-ttl-ssh 34560000
 max-cache-ttl-ssh 34560000
 
-# Act as an SSH agent.
-enable-ssh-support
+# Act as an SSH agent. Disabled until I can force the
+# keyring for SSH to unlock on startup - else the prompt
+# triggers it.
+# enable-ssh-support
 
 # Use pinentry-curses for prompt.
 pinentry-program /usr/bin/pinentry-curses
diff --git a/.zshrc b/.zshrc
@@ -78,19 +78,39 @@ if grep -q Microsoft /proc/version; then
 fi
 # }}}
 
+# SSH Agent {{{
+# =========
+env=~/.ssh/agent.env
+
+agent_load_env () { test -f "$env" && . "$env" >| /dev/null ; }
+
+agent_start () {
+    (umask 077; ssh-agent >| "$env")
+    . "$env" >| /dev/null ;
+}
+
+agent_load_env
+
+# agent_run_state: 0=agent running w/ key; 1=agent w/o key; 2= agent not running
+agent_run_state=$(ssh-add -l >| /dev/null 2>&1; echo $?)
+
+if [ ! "$SSH_AUTH_SOCK" ] || [ $agent_run_state = 2 ]; then
+    agent_start
+    ssh-add
+elif [ "$SSH_AUTH_SOCK" ] && [ $agent_run_state = 1 ]; then
+    ssh-add
+fi
+
+unset env
+# }}}
+
 # GPG Agent {{{
 # =========
 export GPG_TTY=$(tty)
-export SSH_AUTH_SOCK="$HOME/.gnupg/S.gpg-agent.ssh"
 if _has gpg-agent; then
     eval "$(gpgconf --launch gpg-agent)"
     echo UPDATESTARTUPTTY | gpg-connect-agent 1>/dev/null
 fi
-
-# If the SSH agent is running then add any keys.
-if [ "$SSH_AUTH_SOCK" ] && [ $(ssh-add -l >| /dev/null 2>&1; echo $?) = 1 ]; then
-    ssh-add
-fi
 # }}}
 
 # Path {{{