From 224471c870c4274ee86a3c803bd9e05e806d7b87 Mon Sep 17 00:00:00 2001
From: Eric Bouchut
Date: Tue, 5 Apr 2022 21:12:59 +0200
Subject: [PATCH] Zsh: Use 1Password SSH-Agent when enabled
---
hooks/post-up/1password-ssh-agent | 38 +++++++++++++++++++++++++++++++
tag-zsh/zlogin | 33 +++++++++++++++++++++------
2 files changed, 64 insertions(+), 7 deletions(-)
create mode 100755 hooks/post-up/1password-ssh-agent
diff --git a/hooks/post-up/1password-ssh-agent b/hooks/post-up/1password-ssh-agent
new file mode 100755
index 0000000..3695a44
--- /dev/null
+++ b/hooks/post-up/1password-ssh-agent
@@ -0,0 +1,38 @@
+#!/bin/bash
+
+#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+# Configure SSH to use 1Password SSH Agent
+#
+# Pre-requisites: Turn on 1Password SSH Agent
+# - Open 1Password / Preferences / Developer
+# - Tick the checkboxes:
+# - "Use SSH Agent"
+# - "Display key names when authorizing connections"
+#
+# See: https://developer.1password.com/docs/ssh/get-started/
+#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+if [[ "$OSTYPE" != "darwin"* ]]; then
+ exit 0
+fi
+
+OP_DIR=~/.1password
+OP_SSH_AGENT_SOCK=~/Library/Group\ Containers/2BUA8C4S2C.com.1password/t/agent.sock
+OP_SSH_AGENT_SOCK_SYMLINK=$OP_DIR/agent.sock
+
+if [[ ! -S "$OP_SSH_AGENT_SOCK" ]]; then
+ echo '1Password SSH-Agent not enabled.'
+ echo 'Open 1password 8, open "Preferences / Developer" then check "Use SSH Agent"'
+ exit 0
+fi
+
+if [[ ! -d "$OP_DIR" ]]; then
+ mkdir "$OP_DIR"
+ chmod 700 "$OP_DIR"
+fi
+
+if [[ ! -S "$OP_SSH_AGENT_SOCK_SYMLINK" ]]; then
+ ln -s "$OP_SSH_AGENT_SOCK" "$OP_SSH_AGENT_SOCK_SYMLINK"
+fi
+
+exit 0
diff --git a/tag-zsh/zlogin b/tag-zsh/zlogin
index 82e7cb7..9035f6e 100644
--- a/tag-zsh/zlogin
+++ b/tag-zsh/zlogin
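Review bot: The symlink guard near the end of the new hook, `[[ ! -S "$OP_SSH_AGENT_SOCK_SYMLINK" ]]`, follows the link, so it cannot tell a correct link from a stale or foreign one. A dangling link makes the test true and `ln -s` then fails with "File exists" while the hook still exits 0, and any other socket (or link to another socket) already at `~/.1password/agent.sock` is accepted as if it were the 1Password agent. Comparing the link target and replacing it when it differs covers both cases: `if [[ "$(readlink "$OP_SSH_AGENT_SOCK_SYMLINK")" != "$OP_SSH_AGENT_SOCK" ]]; then ln -sfn "$OP_SSH_AGENT_SOCK" "$OP_SSH_AGENT_SOCK_SYMLINK"; fi`. `mkdir -m 700 "$OP_DIR"` would also avoid the moment where the directory exists with umask-default permissions, and the mode of a pre-existing `~/.1password` is never checked. The same guard and mkdir/chmod pair are repeated in `start_agent` in tag-zsh/zlogin.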
@@ -3,16 +3,35 @@ # Run ssh-agent and store SSH_* variables ready to be sourced - SSH_ENV=$HOME/.keychain/$HOST-sh +SSH_ENV=$HOME/.keychain/$HOST-sh function start_agent { - echo "Initializing new SSH Agent..." - eval $(/usr/bin/ssh-agent | sed 's/^echo/#echo/' | tee "${SSH_ENV}") - chmod 600 "${SSH_ENV}" - echo succeeded + local OP_SSH_AGENT_SOCK=~/Library/Group\ Containers/2BUA8C4S2C.com.1password/t/agent.sock + local OP_DIR=~/.1password + local OP_SSH_AGENT_SOCK_SYMLINK=$OP_DIR/agent.sock - # Load default private key - /usr/bin/ssh-add + # TODO: handle Linux + if [[ "$OSTYPE" == "darwin"* && -S "$OP_SSH_AGENT_SOCK" ]] ; then + echo "Using 1Password SSH Agent" + + # Create ~/.1password if it does not exist + if [[ ! -d "$OP_DIR" ]]; then + mkdir "$OP_DIR" + chmod 700 "$OP_DIR" + fi + + # Create a short symlink to the 1Password SSH-Agent with a complex path + if [[ ! -S "$OP_SSH_AGENT_SOCK_SYMLINK" ]]; then + ln -s "$OP_SSH_AGENT_SOCK" "$OP_SSH_AGENT_SOCK_SYMLINK" + fi + export SSH_AUTH_SOCK=$OP_SSH_AGENT_SOCK_SYMLINK + else + echo "Initializing new SSH Agent..." + eval $(/usr/bin/ssh-agent | sed 's/^echo/#echo/' | tee "${SSH_ENV}") + chmod 600 "${SSH_ENV}" + + /usr/bin/ssh-add # Load default private key + fi } if [ -f "${SSH_ENV}" ]; then # Source: http://mah.everybody.org/docs/ssh
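Review bot: The 1Password branch of `start_agent` exports `SSH_AUTH_SOCK` but writes nothing to `${SSH_ENV}`, and the code that decides whether to call the function (it starts at `if [ -f "${SSH_ENV}" ]` and continues outside this hunk) is not visible here. If that code sources an env file left by an earlier `ssh-agent` and finds that agent still alive, `start_agent` is presumably never reached and the shell keeps the old agent instead of 1Password; this is worth confirming, and the stale file should be removed or ignored when the 1Password socket is present. Since hooks/post-up/1password-ssh-agent already creates `~/.1password` and the link, this function could drop its copy of that setup and only test and export, with a comment such as `# ~/.1password/agent.sock is created by hooks/post-up/1password-ssh-agent`.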