Home
|
FAQ
|
Feedback
|
Licence
|
Updates
|
Mirrors
|
Keys
|
Links
|
Team
Download:
Stable
·
Pre-release
·
Snapshot
|
Docs
|
Privacy
|
Changes
|
Wishlist
Windows Pageant can operate in two modes: either run in the background as the actual SSH agent, or contact an existing agent and load a key. This has the useful purpose that you can run (probably via a Windows shortcut) a command such as 'pageant.exe my_key.ppk', with the semantics of 'make that key available, by whatever means are currently necessary': Pageant will either start up a new agent, if one doesn't yet exist, or else just load the key into the existing agent, if one does.
The Unix version of Pageant (new as of 2015-05) also contains the code to be both an agent and a client, but it currently has no mode in which both are possible: any currently legal command line is agent-only or client-only. But it would be just as useful on Unix as it is on Windows to have a single convenient command you could run that says 'just make this key available, please'.
This is more difficult on Unix because of the pre-existing convention
that SSH clients expect to find their agent by looking at
$SSH_AUTH_SOCK
. So if you've already started an X
session, for example, and didn't run an agent early in its setup so
that $SSH_AUTH_SOCK
was inherited by every process in the
session, then there's no way to start an agent up now and
have the whole GUI login session able to use it, in the way that
Windows Pageant can.
Nevertheless, there are still some possibilities that could be useful.
For example, on a terminal login session, you can run a command such as
eval $(pageant -T key.ppk)
to start an agent and load a key file. It would be reasonably sensible
to arrange that that command, or a slight modification of it, could
instead switch to loading the same key into an existing agent if one
were available. Then you could assign the command into an alias or
shell function, and have that shell function be conveniently
idempotent – if you'd already run it once in your session,
running it again would be harmless, and not even bother prompting for
your passphrase again.