Starting an agent
If a command-line is given, this is executed as a subprocess of the agent. When the command dies, so does the agent.
In Linux, execute ssh-agent and immediately set environment variables (SSH_AUTH_SOCK, SSH_AGENT_PID) that are needed:
In Windows, getting the same effect is more complicated. We need to somehow transform the output of ssh-agent to set these two environment variables. This is a tested solution:
set SSH_AUTH_SOCK=%TEMP%\ssh-agent.socket
rm -f %SSH_AUTH_SOCK%
FOR /F "tokens=1 delims=;" %r IN ('ssh-agent -a %SSH_AUTH_SOCK% ') DO @(SET %r >NUL 2>&1)
setx SSH_AUTH_SOCK %SSH_AUTH_SOCK%
Note: I used to use a random unique temporary file as the socket filename (ssh-agent.%RANDOM%-%TIME:~6,5%.ssh-socket). But in this case, it’s important that we have a known SSH_AUTH_SOCK variable, as we need that variable in every shell that we open. So this variable should be
Now, we have an active ssh-agent running in memory, and two important environment variables set accordingly.
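One way to keep stray agents from piling up is to probe the known socket before starting anything. This is an added example, not part of the original post: it is written as a batch file (hence %%r instead of %r) and assumes ssh-agent, ssh-add and rm are on PATH.

```batch
@echo off
REM Added example: reuse the agent on the fixed socket path, or start a new one.
REM Assumes ssh-agent, ssh-add and rm are on PATH.
set "SSH_AUTH_SOCK=%TEMP%\ssh-agent.socket"

REM ssh-add -l exit status: 0 = agent holds keys, 1 = agent reachable but empty,
REM 2 = no agent could be contacted through SSH_AUTH_SOCK.
ssh-add -l >NUL 2>&1
if %ERRORLEVEL% LSS 2 (
    echo Reusing agent on %SSH_AUTH_SOCK%
    goto :eof
)

REM Nothing answers on the socket: remove the stale file and start a new agent.
rm -f "%SSH_AUTH_SOCK%"
FOR /F "tokens=1 delims=;" %%r IN ('ssh-agent -a "%SSH_AUTH_SOCK%"') DO @(SET %%r >NUL 2>&1)

REM Confirm the new agent answers before persisting the path for future shells.
ssh-add -l >NUL 2>&1
if %ERRORLEVEL% GEQ 2 (
    echo ssh-agent did not start 1>&2
    exit /b 1
)
setx SSH_AUTH_SOCK "%SSH_AUTH_SOCK%" >NUL
echo Started agent, PID %SSH_AGENT_PID%
```

When the script reuses an existing agent, SSH_AGENT_PID is not set in that shell, so ssh-agent -k will not work there.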
Stopping an ssh-agent
We can kill the ssh-agent process anytime with the -k switch. It will kill the process based on the variable SSH_AGENT_PID. It will fail if that variable is not properly set, and this will very often happen when we are switching CMD shells.
So, when we don’t have the process PID in the variable, and we think that some agent process is still running wild for no reason, in Windows we can kill them all with:
taskkill /im "ssh-agent.exe" /f
And, this is a simple and effective solution.
Adding identities to agent
The agent initially does not have any private keys. Keys are added using the ssh-add command. Simply invoking this command without arguments will add the ~/.ssh/id_rsa key to the agent.
To add another, specific key:
To show the identities currently held by the running agent, type: