9

I'm wondering if I could get some help. I recently reinstalled my OS and I'm running into a strange issue that I've never run into before. I'm following the Github steps to add ssh agent

Basically, every time I log in I need to run

eval "$(ssh-agent -s)"
ssh-add ~/.ssh/id_personal

when I reboot my computer.

When I try to run git clone X I'm getting

Cloning into 'X'...
git@github.com: Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

but after I run the above 2 commands, I cna clone just fine

Note: issue is also with Gitlab. Sorry, I should have been explicit

IanQ
  • 1,831
  • 5
  • 20
  • 29
  • See all answers for https://stackoverflow.com/q/18880024/7976758 Found in https://stackoverflow.com/search?q=%5Bssh-agent%5D+every+login – phd Oct 07 '21 at 23:22
  • 1
    Personally I use `gpg-agent` in `ssh-agent` mode. It stores keys forever in a file and allows to configure how often it re-asks passphrase; mine asks every 12 hours. I start `gpg-agent` before XWin so it's available for all terminals and programs inside my X session. – phd Oct 07 '21 at 23:24
  • 1
    MacOS starts an ssh-agent via launchd at the time you log on, before firing up any windows, so that the windows have the ssh environment variables pre-set. You *can* get Linux software that will do the same thing, but I have never used it. I use something much more like the method @phd describes. – torek Oct 08 '21 at 02:50

4 Answers4

19

It sounds like you're running on Linux, and your login is probably "bash".

If so, I would consider adding these two lines to the bottom of your ~/.bashrc login file:

eval "$(ssh-agent -s)"
ssh-add ~/.ssh/id_personal

You might also consider trying this:

paulsm4
  • 114,292
  • 17
  • 138
  • 190
  • Yeah, I'm using Linux but I'm running on `zsh`. I could probably place those two lines at the bottom of my `.zshrc` (and I will) but I'm also not sure why this is happening.... I've been using linux for quite a while now and I've never seen anything like this – IanQ Oct 07 '21 at 21:48
  • This doesn't really have that much to do with Linux, but everything to do with GitHub and the way its authentication interacts with a running ssh-agent. – paulsm4 Oct 07 '21 at 21:51
  • Sorry, I should habe been more clear and said this, but I'm running into the same issue with gitlab :/ – IanQ Oct 07 '21 at 21:52
  • For bash, since you only want to do this at initial login, you might consider using `.bash_profile`. I'm not sure about the zsh setup. Another common trick is to first *check* whether there's an existing agent available, and if not, start one, but that has some potential races, so I dislike this one myself. – torek Oct 08 '21 at 02:52
  • @IanQ: 1) In case you didn't notice my update, please consider this: [How to Set ssh-agent to Run Automatically](https://docs.oracle.com/cd/E19683-01/806-4078/6jd6cjrub/). 2) phd made an interesting suggestion about using gpg-agent (part of GNUPrivacy Guard) as an alternative to ssh-agent. You can learn more here: https://gnupg.org/, 3) As you probably already know, the zsh user init file is [~.zshrc](https://linuxhint.com/configure-setup-zshrc-zsh/). 'Hope that helps; please post back what you learn! – paulsm4 Oct 08 '21 at 04:35
  • Yeap! Sorry for the silence - work got crazy. Will test out when I'm free – IanQ Oct 08 '21 at 14:30
  • If you're curious about what's the difference between .bashrc and .bash_profile. Go to https://cloudzy.com/knowledge-base/what-is-linux-bashrc-and-how-to-use-it-full-guide/#Bashrc_vs_bash_profile – Edward Casanova Apr 09 '22 at 14:20
1

Adding my own answer:

I think the issue was that when I made the first key, I changed the name from the default. I.e I changed from

~/.ssh/id_id_edX -> ~/.ssh/id_personal

After removing the key and regenerating things it all worked out. Why? IDK

IanQ
  • 1,831
  • 5
  • 20
  • 29
  • 1
    Ah. That is because ssh needs to be given the file and path to that `id_id_edX` key, using the `-i` option (or use IdentityFile as a Host directive in ssh config). Basically SSH has a list of built-in SSH key "names" it will automatically look for and submit to hosts. You can also create a config that Also, your instinct here to create specific keys for specific use-cases or sites, is a good one (if you don't mind tracking which key goes to which role). It should never be too painful to have to re-generate a key if you suspected it was leaked/lost. – Scott Prive Jul 03 '22 at 13:26
1

Try this, I found it somewhere online. Add this to your ~/.bashrc file

    if [ -z "$SSH_AUTH_SOCK" ] ; then
    eval `ssh-agent -s`
    ssh-add ~/.ssh/<NAME OF YOUR PRIVATE KEY>
    fi

This assumes your private key is located under .ssh. Otherwise, use the adequate path

Edward Casanova
  • 726
  • 7
  • 19
1

I saw that you mentioned using zsh for your shell. You can add ssh-agent to your plugins and it’ll handle it for you.

Michael Brown
  • 9,041
  • 1
  • 28
  • 37