Arch Linux

nur_lisa

Member

Registered: 2024-01-22

Posts: 3

SSH Keychain and Agent Not Working Properly in Zsh

Hey everyone,

I've been using Arch Linux for about six years now, but I'm still feeling like a newbie sometimes! ? I've encountered an issue with keychain and ssh-agent that's been driving me crazy for months. No matter how much I search online, I can't seem to find the root cause of the problem.

In my `.zshrc` file, I have the following lines:

```bash
eval `ssh-agent`
trap 'test -n "$SSH_AGENT_PID" && eval `/usr/bin/ssh-agent -k`' 0
eval `keychain --eval githubkey id_ed25519 id_ed25519_pik`
```

The first two lines are there because our cluster admin recommended them. The third line is supposed to add my SSH keys to the keychain so that I can use them for SSH connections.

**Expected Behavior:**

When I start a new zsh session, I expect to be prompted for the password of my protected key (`githubkey`). After entering the password, I should be able to use `ssh server@address.com`, and my `id_ed25519` key should be used successfully. Running `keychain -l` should show a list of all three keys.

**Actual Behavior:**

However, what actually happens is that after starting zsh, I am prompted for the password for my protected key. But when I try `ssh server@address.com`, it asks for a password again, indicating that my keys were not added successfully. Both `keychain -l` and `ssh-agent -l` show `no identities known to agent`. To make it work, I have to manually run `eval `keychain --eval githubkey id_ed25519 id_ed25519_pik`` again, and then everything works as expected.

I'm at a loss as to why running the command via `.zshrc` results in a different outcome compared to running it manually. Any pointers would be greatly appreciated!

**Logs:**

.zshrc:
http://0x0.st/X8Ju.txt

zsh output when opening new terminal:
http://0x0.st/X8JS.txt

keychain -l directly after that:
http://0x0.st/X8JQ.txt

Last edited by nur_lisa (2024-05-10 09:25:48)

seth

Member

From: Won't reply 2 private help req

Registered: 2012-09-03

Posts: 75,991

Re: SSH Keychain and Agent Not Working Properly in Zsh

I'm at a loss as to why running the command via `.zshrc` results in a different outcome compared to running it manually.

Have you made sure this is the case by running it w/o running ssh before?
What if you add a strategic "sleep 3" before "eval `keychain --eval githubkey id_ed25519 id_ed25519_pik`"?
Does it evaluate different things?
Add "set -x"/"set +x" around it to debug what's actually evaluated in either case (eg. keychain might simply yield an error in the failing case)

---

How to upload text · How to boot w/o GUI · Disable Windows Fast-Start! · Fix your xinitrc