> On Nov 5, 2017, at 2:44 PM, René J.V. Bertin <[email protected]> wrote:
> 
> Hi,
> 
> I've grown accustomed to being able to call `ssh-add -A` periodically to import 
> all certificates stored in my keychain into a running ssh-agent instance that 
> I didn't have to start. After a forced reboot last Friday (the system had 
> been up for 94 days) I find that ssh-agent no longer starts.
> 
> Would anyone have an idea how this is normally started and how I could best 
> fix this? I played with 
> /System/Library/LaunchAgents/org.openbsd.ssh-agent.plist but that doesn't 
> actually start ssh-agent.
> 

The way launchd works, it does not start the ssh-agent process at user login 
time; it creates a socket, and only when some other process connects to that 
socket is ssh-agent brought to life. It is similar to inetd/xinetd.

> I do have a SSH_AUTH_SOCK var in the launchctl env, but it points to a socket 
> that's used only by launchd itself and by gpg-agent. I see that gpg-agent is 
> started from 
> ${prefix}/etc/LaunchAgents/org.macports.gpg-agent/org.macports.gpg-agent.plist,
> which also sets SSH_AUTH_SOCK. When I remove that Sockets key from that 
> launchd plist, ssh-agent functionality is restored.
> 


The Listeners key in the ssh-agent plist creates a randomly named socket and 
exports it in SSH_AUTH_SOCK to the user's shell. It should not be shared with 
gpg-agent to the best of my knowledge.

So if SSH_AUTH_SOCK is pointing to an existing file (ls -l $SSH_AUTH_SOCK shows 
a socket file), can you run "ssh-add -l"?

I also found this link helpful when I was debugging ssh-agent:

https://blog.affien.com/archives/2015/09/07/use-macports-ssh-agent/

HTH,

Kastus
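
The checks suggested in the message above, collected into one shell sketch (an added example, not part of the original message or of any project's tooling). The function names are hypothetical, and the socket-name patterns are assumptions based on the default macOS launchd and GnuPG socket names.

```shell
#!/bin/sh
# Usage: source this file in the affected login shell, then run: diagnose

# Guess which agent owns a socket from its path alone.
# Assumption: default names (launchd ".../com.apple.launchd.*/Listeners",
# GnuPG ".../S.gpg-agent.ssh"); anything else is reported as other-socket.
guess_owner() {
    case $1 in
        */com.apple.launchd.*/Listeners) echo launchd-ssh-agent ;;
        */S.gpg-agent.ssh)               echo gpg-agent ;;
        *)                               echo other-socket ;;
    esac
}

# Classify what an SSH_AUTH_SOCK value points at on disk.
classify_auth_sock() {
    p=$1
    [ -n "$p" ] || { echo unset; return; }
    [ -e "$p" ] || { echo missing; return; }
    [ -S "$p" ] || { echo not-socket; return; }
    guess_owner "$p"
}

# ssh-add exit status: 0 success, 1 command failed (for -l: no identities),
# 2 unable to contact the authentication agent.
describe_ssh_add_status() {
    case $1 in
        0) echo "agent reachable, identities loaded" ;;
        1) echo "agent reachable, no identities" ;;
        2) echo "cannot contact agent" ;;
        *) echo "unexpected status $1" ;;
    esac
}

diagnose() {
    kind=$(classify_auth_sock "${SSH_AUTH_SOCK:-}")
    echo "shell   SSH_AUTH_SOCK: ${SSH_AUTH_SOCK:-<unset>} ($kind)"
    # Compare with the value launchd hands to newly started processes.
    if command -v launchctl >/dev/null 2>&1; then
        echo "launchd SSH_AUTH_SOCK: $(launchctl getenv SSH_AUTH_SOCK)"
    fi
    case $kind in
        unset|missing|not-socket) return 1 ;;
    esac
    # Connecting to the socket is what makes launchd spawn ssh-agent.
    rc=0
    ssh-add -l >/dev/null 2>&1 || rc=$?
    describe_ssh_add_status "$rc"
}
```

If the two SSH_AUTH_SOCK values differ, or the path is classified as gpg-agent, another launchd job has replaced the socket that the ssh-agent plist exported.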



