Configuring ssh-agent to autostart and automatically add ssh keys to it

I am struggling already for some time with configuring ssh-agent as I want. I would like it to work next way: when I logged in ssh-agent already up and running and my ssh keys are added to it, so I could open terminal and run git commands or make ssh connection. Also I want GUI Apps like GitHub Desktop or Git extension in Visual Studio Code to work right away. I read this ArchWiki page about it and tried to create ssh-agent.service via systemd. My ssh-agent.service file is placed in ~/.config/systemd/user folder and look like this:

[Unit]
Description=SSH key agent

[Service]
Type=simple
Environment=SSH_AUTH_SOCK=%t/ssh-agent.socket
Environment=KEY_FILE=/home/%u/.ssh/my_ssh_key
# DISPLAY required for ssh-askpass to work
Environment=DISPLAY=:0
ExecStart=/usr/bin/ssh-agent -D -a $SSH_AUTH_SOCK 
ExecStartPost=/usr/bin/ssh-add $KEY_FILE
ExecStop=kill -15 $MAINPID


[Install]
WantedBy=default.target

I added also export of SSH_AUTH_SOCK env variable in my .zshrc file.
When my system is booted I can see that my service ssh-agent.service is active:

โ— ssh-agent.service - SSH key agent
     Loaded: loaded (/home/desktop-user/.config/systemd/user/ssh-agent.service; enabled; vendor preset: enabled)
     Active: active (running) since Sun 2022-01-23 01:17:50 EET; 28min ago
    Process: 4643 ExecStartPost=/usr/bin/ssh-add $KEY_FILE (code=exited, status=0/SUCCESS)
   Main PID: 4642 (ssh-agent)
      Tasks: 1 (limit: 18457)
     Memory: 692.0K
        CPU: 569ms
     CGroup: /user.slice/user-1000.slice/user@1000.service/app.slice/ssh-agent.service
             โ””โ”€4642 /usr/bin/ssh-agent -D -a /run/user/1000/ssh-agent.socket

ัั–ั‡ 23 01:17:49 systemd[895]: Starting SSH key agent...
ัั–ั‡ 23 01:17:49 ssh-agent[4642]: SSH_AUTH_SOCK=/run/user/1000/ssh-agent.socket; export SSH_AUTH_SOCK;
ัั–ั‡ 23 01:17:49 ssh-agent[4642]: echo Agent pid 4642;
ัั–ั‡ 23 01:17:50 ssh-add[4643]: Identity added: /home/desktop-user/.ssh/my_ssh_key
ัั–ั‡ 23 01:17:50 systemd[895]: Started SSH key agent.

But everything still remains the same: when I want to use my ssh key I need to run ssh-agent manually with eval "$(ssh-agent -s)" command and then add my ssh key manually. Also when I try to use, for example, VSCode git extension to work with Git, all actions are failed because, as I assume, it doesnโ€™t use my ssh key for it. And in this point I am pretty lost because I donโ€™t understand what I should do or google next. I would be very thankful if somebody could explain me why now everything donโ€™t work as I expect and what should I do to make it work.

There is a good article on the ssh website

1 Like

Hi and thanks for the help, itโ€™s a really good article. After reading it and some other articles I almost make it work as I want. To setup that I had, I added things described in this tutorial [HowTo] Use kwallet as a login keychain for storing SSH key passphrases on KDE. But the last problem that I have is that my user systemd service is failing to run on system load. When I check itโ€™s status I see the following:

โ—‹ ssh-agent.service - SSH key agent
     Loaded: loaded (/home/desktop-user/.config/systemd/user/ssh-agent.service; enabled; vendor preset: enabled)
     Active: inactive (dead) since Tue 2022-01-25 09:27:51 EET; 14s ago
   Main PID: 1472 (code=exited, status=2)
        CPU: 7ms

ัั–ั‡ 25 09:27:51 systemd[1464]: Starting SSH key agent...
ัั–ั‡ 25 09:27:51 systemd[1464]: ssh-agent.service: Control process exited, code=exited, status=1/FAILURE
ัั–ั‡ 25 09:27:51 systemd[1464]: ssh-agent.service: Main process exited, code=exited, status=2/INVALIDARGUMENT
ัั–ั‡ 25 09:27:51 systemd[1464]: ssh-agent.service: Failed with result 'exit-code'.
ัั–ั‡ 25 09:27:51 systemd[1464]: Failed to start SSH key agent.

But after I manually reload daemon with command systemctl --user daemon-reload and restart my ssh service with command systemctl --user restart ssh-agent.service then itโ€™s running successfully:

โ— ssh-agent.service - SSH key agent
     Loaded: loaded (/home/desktop-user/.config/systemd/user/ssh-agent.service; enabled; vendor preset: enabled)
     Active: active (running) since Tue 2022-01-25 09:09:47 EET; 1s ago
    Process: 4207 ExecStartPost=/usr/bin/ssh-add $KEY_FILE (code=exited, status=0/SUCCESS)
   Main PID: 4206 (ssh-agent)
      Tasks: 1 (limit: 18454)
     Memory: 688.0K
        CPU: 718ms
     CGroup: /user.slice/user-1000.slice/user@1000.service/app.slice/ssh-agent.service
             โ””โ”€4206 /usr/bin/ssh-agent -D -a /run/user/1000/ssh-agent.socket

ัั–ั‡ 25 09:09:46 systemd[1870]: Starting SSH key agent...
ัั–ั‡ 25 09:09:46 ssh-agent[4206]: SSH_AUTH_SOCK=/run/user/1000/ssh-agent.socket; export SSH_AUTH_SOCK;
ัั–ั‡ 25 09:09:46 ssh-agent[4206]: echo Agent pid 4206;
ัั–ั‡ 25 09:09:47  ssh-add[4207]: Identity added: /home/desktop-user/.ssh/my_ssh_key (desktop-user@desktop-name)
ัั–ั‡ 25 09:09:47 systemd[1870]: Started SSH key agent

I have changed service file like this. Now ssh keys are added on login and no need to enter passphrase every time.

[Unit]
Description=SSH agent (ssh-agent)

[Service]
Type=simple
Environment=SSH_AUTH_SOCK=%t/ssh-agent.socket
Environment=DISPLAY=:0
ExecStart=ssh-agent -D -a $SSH_AUTH_SOCK
ExecStartPost=/bin/sleep 3
ExecStartPost=/bin/sh -c โ€˜/usr/bin/ssh-add /home/user/.ssh/id_rsaโ€™
ExecStop=kill -15 $MAINPID

[Install]
WantedBy=default.target

2 Likes

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.