Posted on · 1 min to read · 198 words

With every installation of a new system I struggle setting up an ssh-agent. Although it only requires 4 simple steps I somehow manage to always miss at least one of them.

I use a systemd user unit to start the ssh-agent as I don't want to manage services with shell scripts or in my sway config, if avoidable.

This is more or less exactly what can be found in the Arch wiki.

Step 1

Create systemd user unit in ~/.config/systemd/user/ssh-agent.service.

[Unit]
Description=SSH key agent

[Service]
Type=simple
Environment=SSH_AUTH_SOCK=%t/ssh-agent.socket
# DISPLAY required for ssh-askpass to work
Environment=DISPLAY=:0
ExecStart=/usr/bin/ssh-agent -D -a $SSH_AUTH_SOCK

[Install]
WantedBy=default.target

Step 2

Add SSH_AUTH_SOCK DEFAULT="${XDG_RUNTIME_DIR}/ssh-agent.socket" to .pam_environment.

Step 3

Add AddKeysToAgent yes to your .ssh/config to actually use the ssh-agent you set up previously.

Step 4

Let systemd pick up the new unit with systemctl --user daemon-reload and start the ssh-agent with systemctl start --user ssh-agent. You should also enable the service with systemctl enable --user ssh-agent (Thank you, Neil!).

That's it! If something is not working properly now restart your user session (logout and login again). Now you should only be prompted once for your ssh-key passphrase at the start of your session.