From c86f4477e70d890660aac68fba6721dec725962f Mon Sep 17 00:00:00 2001 From: Harald Pfeiffer Date: Mon, 21 Mar 2022 11:21:48 +0100 Subject: Execute ssh agent only on machines we want to be the source Also, see ssh_config(5) and ForwardAgent --- .bash/exec.bash | 4 +++- .bash/vars.bash | 4 ++++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/.bash/exec.bash b/.bash/exec.bash index a239d5e..ffbeaae 100644 --- a/.bash/exec.bash +++ b/.bash/exec.bash @@ -7,7 +7,9 @@ set bell-style visible # start ssh agent. this script will not try to run a new instance # (unless we specified -f, which we don't). -"$HOME/bin/ssh-agent-launcher" -q +if echo "${SSHAGH[@]}" | fgrep --word-regexp "$(hostname -f)";then + "$HOME/bin/ssh-agent-launcher" -q +fi # because on some hosts the login path is fucked, unset in .local # if it causes irritation: diff --git a/.bash/vars.bash b/.bash/vars.bash index ac56a6d..dcb7fb2 100644 --- a/.bash/vars.bash +++ b/.bash/vars.bash @@ -11,6 +11,10 @@ export SSHHOME="${HOME}/.ssh" SSHKEYS=( "${SSHHOME}/id_ed25519" "${SSHHOME}/id_rsa" ) # 2. SSH environment file export SSHENVFILE="${HOME}/.ssh/sshenv" +# 3. Hosts on which ssh-agent should run, FQDN. Array. +SSHAGH=( "riesling.example.com" "schorle.example.com" ) +SSHAGH+=( "woschd.example.com" ) +export SSHAGH # ----- SHELL ----- # for pa in "/usr/local/bin" "${HOME}/bin";do -- cgit v1.2.3