pdm/homelab-agents
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
1602733fadf0b3dc9f1c6acd6b0fb274244b5d1c
homelab-agents/VPS-SSH-KEY-SETUP.md
Homelab Automation cb89dfccbb Fix Step 7: SSH Agent persistence now works correctly 
PROBLEM: Original Step 7 script was buggy - agent would die on logout

SOLUTION: Rewritten Step 7 with proper ssh-agent persistence that:
- Detects existing running agents and reuses socket
- Persists socket location across shell sessions
- Auto-loads SSH key on new terminals
- Works reliably across multiple terminal windows

Key changes:
- Saves SSH_AUTH_SOCK to ~/.ssh/agent.sock for persistence
- Auto-adds key if not already loaded
- Includes simpler fallback version if complex version fails
- Detailed troubleshooting section
- Clear instructions on placement in ~/.bashrc

Agent now stays loaded for the entire user session duration.
2025-11-27 06:23:00 +00:00

148 lines
2.9 KiB
Markdown
Raw Blame History

# SSH Key Setup for New VPS
Quick guide to add your SSH private key to a new VPS and configure it for Gitea.
## Step 1: Create .ssh Directory
```bash
mkdir -p ~/.ssh
```
## Step 2: Add Private Key
Get your private key from 1Password and create the file:
```bash
cat > ~/.ssh/id_ed25519 << 'KEY'
[PASTE YOUR ENTIRE PRIVATE KEY HERE - from -----BEGIN to -----END]
KEY
```
## Step 3: Set Correct Permissions
This is critical for SSH to work:
```bash
chmod 600 ~/.ssh/id_ed25519
chmod 700 ~/.ssh
```
SSH requires strict permissions for security.
## Step 4: Start SSH Agent
```bash
eval "$(ssh-agent -s)"
```
You should see: Agent pid XXXXX
## Step 5: Add Key to Agent
```bash
ssh-add ~/.ssh/id_ed25519
```
You should see: Identity added
## Step 6: Test Connection
```bash
ssh -T git@100.120.125.113
```
Should respond with authentication success message.
## Step 7: Make SSH Agent Persistent (FIXED)
The original Step 7 was buggy - the agent would die on logout. Here's the working solution.
Add this to the END of your `~/.bashrc`:
```bash
# SSH Agent Persistence - Add to end of ~/.bashrc
if [ -z "$SSH_AUTH_SOCK" ]; then
if pgrep -u "$USER" ssh-agent > /dev/null; then
export SSH_AUTH_SOCK=$(pgrep -u "$USER" ssh-agent | xargs -I {} find /tmp -path "*ssh*" -name "agent.*" -user "$USER" 2>/dev/null | head -1)
else
eval "$(ssh-agent -s)" > /dev/null
echo "$SSH_AUTH_SOCK" > ~/.ssh/agent.sock
fi
fi
if [ -f ~/.ssh/agent.sock ] && [ -z "$SSH_AUTH_SOCK" ]; then
export SSH_AUTH_SOCK=$(cat ~/.ssh/agent.sock)
fi
if [ -z "$(ssh-add -l 2>/dev/null | grep id_ed25519)" ]; then
ssh-add ~/.ssh/id_ed25519 2>/dev/null
fi
```
Then reload:
```bash
source ~/.bashrc
```
### How This Works
1. Checks if SSH_AUTH_SOCK is already set in environment
2. If not set, looks for existing running agent
3. If agent exists, uses its socket
4. If no agent running, starts new one and saves socket location
5. On new shell sessions, loads the saved socket
6. Auto-adds your key if not already loaded
### Verify Persistence
Open a new terminal and check:
```bash
echo $SSH_AUTH_SOCK
ssh-add -l
```
Your key should be loaded without manual re-entry.
## Troubleshooting Step 7
If agent is still not persistent:
Make sure code is at the END of ~/.bashrc:
```bash
tail -20 ~/.bashrc | grep "SSH Agent"
```
If agent still dies, try this simpler version:
```bash
# Simpler version - add to end of ~/.bashrc
if [ -z "$SSH_AUTH_SOCK" ] ; then
eval "$(ssh-agent -s)" > /dev/null
ssh-add ~/.ssh/id_ed25519 2>/dev/null
fi
```
Test with:
```bash
bash
echo "Agent: $SSH_AUTH_SOCK"
ssh-add -l
```
## Permissions Explained
- chmod 600 = rw------- (you only)
- chmod 700 = rwx------ (you only)
- SSH requires strict permissions for security
## After SSH Works
```bash
bash <(curl -s http://100.120.125.113:3000/pdm/homelab-agents/raw/branch/main/scripts/bootstrap-agents.sh)
init-project my-project
```
Done! Now use Gitea without passwords.
Reference in New Issue View Git Blame Copy Permalink