Difference between revisions of "Managing multiple SSH agents"
← Older edit
Newer edit →
Managing multiple SSH agents (view source)
Revision as of 10:45, 10 August 2016
905 BYTES ADDED
,  5 YEARS AGO
→‎Using multiple agents via systemd: Add instructions for IdentityAgent
=== Using multiple agents via systemd ===
 
This requires the use of a Linux distribution using systemd as the init system (all current releases do that, e.g. Debian jessie or Ubuntu 15.10 and later).
 
You can start multiple ssh-agents through systemd user units. The following unit would e.g. connect to labs, copy it to /usr/lib/systemd/user/ssh-labs.service
systemctl --user enable ssh-labs
 
This will create the agent socket ssbssh-labs.socket inside the $XDG_RUNTIME_DIR directory (which is automatically created and usually refers to /run/user/1000/, so the effective SSH agent socket would be /run/user/1000/ssh-labs.socket​).
 
Start the agent as follows to check if the systemd user unit works properly. There is no need to do this afterwards, later on the unit will be started during your first login.
systemctl --user start ssh-labs.service
 
 
Finally whenever you want to connect to either labs or elsewhereproduction via SSH, you need to point SSH_AUTH_SOCK​your SSH client to the respective agent socket.:
 
If you're using openssh 7.3 (available in Debian unstable since 7th August 2016), this is really simple: You can use the new ''IdentityAgent'' directive, so wherever you configure the IdentityFile, simply add the respective SSH agent socket created by the systemd user units above. Here's an example for configuring access for labs:
 
Host *.wmflabs gerrit.wikimedia.org *.wmflabs.org
User foo
IdentityFile /home/foo/.ssh/id_labs
IdentityAgent /run/user/1000/ssh-labs.socket
IdentitiesOnly yes
ForwardAgent no
 
If you don't have openssh 7.3 yet, you need to set the set the environment variable SSH_AUTH_SOCK to the respective socket before connecting, e.g.
 
export SSH_AUTH_SOCK="/run/user/1000/ssh-labs.socket"
 
=== The simplest solution ===
Muehlenhoff
ADMINISTRATORS
592
EDITS
Wikitech
Privacy policy
Terms of Use
Desktop
HomeRandomLog in Settings DonateAbout WikitechDisclaimers