www.libssh2.org | Daily snapshots | Mailing list archive | Docs | Examples | github

Archive Index This month's Index

Subject: Re: Getting no identities from ssh-agent

Re: Getting no identities from ssh-agent

From: Seth Willits <seth_at_freaksw.com>
Date: Fri, 4 May 2012 15:42:29 -0700

Ok. I figured out what the problem was. On OS X there's a ~/.MacOSX/environment.plist file which contains environment variables exported to all programs. That contained a 6-year-old SSH_AUTH_SOCK path added by a third party program. Removing that let the real path through so now ssh-add correctly connects to ssh-agent and with that I was able to figure out that the system-launched ssh-agent did *not* have any identities loaded.

So it turns out, ssh-agent is available on demand, but when it launches it only loads identities automatically if they've previously been stored in the Keychain by a call to `ssh-add -K`. While ssh-agent doesn't automatically grab the ones at ~/.ssh/id_xxx, the ssh command does and I was mistakenly thinking ssh was relying on ssh-agent to grab them.

After figuring all that out and playing with a bunch of scenarios, I don't think libssh2 needs any Keychain code for any scenario since ssh-add and ssh-agent handle it.

Seth Willits
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Received on 2012-05-05

the libssh2 team