From a0ac789f2abf475346505cd372a3843b3b93d91e Mon Sep 17 00:00:00 2001 From: Marc Cornellà Date: Mon, 11 Oct 2021 12:15:47 +0200 Subject: feat(ssh-agent): allow lazy-loading SSH identities (#6309) Fixes #7477 --- plugins/ssh-agent/README.md | 18 +++++++++++++++++- plugins/ssh-agent/ssh-agent.plugin.zsh | 5 ++++- 2 files changed, 21 insertions(+), 2 deletions(-) (limited to 'plugins/ssh-agent') diff --git a/plugins/ssh-agent/README.md b/plugins/ssh-agent/README.md index d1a504b1e..1d6914ec6 100644 --- a/plugins/ssh-agent/README.md +++ b/plugins/ssh-agent/README.md @@ -21,7 +21,23 @@ zstyle :omz:plugins:ssh-agent agent-forwarding on ---- -To **load multiple identities** use the `identities` style, For example: +To **NOT load any identities on start** use the `lazy` setting. This is particularly +useful when combined with the `AddKeysToAgent` setting (available since OpenSSH 7.2), +since it allows to enter the password only on first use. _NOTE: you can know your +OpenSSH version with `ssh -V`._ + +```zsh +zstyle :omz:plugins:ssh-agent lazy yes +``` + +You can enable `AddKeysToAgent` by passing `-o AddKeysToAgent=yes` to the `ssh` command, +or by adding `AddKeysToAgent yes` to your `~/.ssh/config` file [1]. +See the [OpenSSH 7.2 Release Notes](http://www.openssh.com/txt/release-7.2). + +---- + +To **load multiple identities** use the `identities` style (**this has no effect +if the `lazy` setting is enabled**). For example: ```zsh zstyle :omz:plugins:ssh-agent identities id_rsa id_rsa2 id_github diff --git a/plugins/ssh-agent/ssh-agent.plugin.zsh b/plugins/ssh-agent/ssh-agent.plugin.zsh index 2d7d8a2a0..4bd2dedcc 100644 --- a/plugins/ssh-agent/ssh-agent.plugin.zsh +++ b/plugins/ssh-agent/ssh-agent.plugin.zsh @@ -96,7 +96,10 @@ else _start_agent fi -_add_identities +# Don't add identities if lazy-loading is enabled +if ! zstyle -b :omz:plugins:ssh-agent lazy; then + _add_identities +fi unset agent_forwarding ssh_env_cache unfunction _start_agent _add_identities -- cgit v1.2.3-70-g09d2 From beeda72826f7288d3edf6cec4114bbda9bbae347 Mon Sep 17 00:00:00 2001 From: Marc Cornellà Date: Mon, 11 Oct 2021 15:21:42 +0200 Subject: fix(ssh-agent): fix for bad `zstyle` command argument Fixes #10282 --- plugins/ssh-agent/ssh-agent.plugin.zsh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'plugins/ssh-agent') diff --git a/plugins/ssh-agent/ssh-agent.plugin.zsh b/plugins/ssh-agent/ssh-agent.plugin.zsh index 4bd2dedcc..c006f1413 100644 --- a/plugins/ssh-agent/ssh-agent.plugin.zsh +++ b/plugins/ssh-agent/ssh-agent.plugin.zsh @@ -97,7 +97,7 @@ else fi # Don't add identities if lazy-loading is enabled -if ! zstyle -b :omz:plugins:ssh-agent lazy; then +if ! zstyle -t :omz:plugins:ssh-agent lazy; then _add_identities fi -- cgit v1.2.3-70-g09d2 From f1dd97bb2a9df55fae9b1ca26c829b9f8b290667 Mon Sep 17 00:00:00 2001 From: Marc Cornellà Date: Sat, 23 Oct 2021 05:16:15 +0200 Subject: fix(ssh-agent): fix check for running `ssh-agent` process with hidepid /proc (#8492) Fixes #8492 --- plugins/ssh-agent/ssh-agent.plugin.zsh | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'plugins/ssh-agent') diff --git a/plugins/ssh-agent/ssh-agent.plugin.zsh b/plugins/ssh-agent/ssh-agent.plugin.zsh index c006f1413..47dfef5b0 100644 --- a/plugins/ssh-agent/ssh-agent.plugin.zsh +++ b/plugins/ssh-agent/ssh-agent.plugin.zsh @@ -6,9 +6,11 @@ function _start_agent() { if [[ -f "$ssh_env_cache" ]]; then . "$ssh_env_cache" > /dev/null - { - [[ "$USERNAME" = root ]] && command ps ax || command ps x - } | command grep ssh-agent | command grep -q $SSH_AGENT_PID && return 0 + # Test if $SSH_AUTH_SOCK is visible + zmodload zsh/net/socket + if [[ -S "$SSH_AUTH_SOCK" ]] && zsocket "$SSH_AUTH_SOCK" 2>/dev/null; then + return 0 + fi fi # Set a maximum lifetime for identities added to ssh-agent -- cgit v1.2.3-70-g09d2