PROBLEM: Original Step 7 script was buggy - agent would die on logout

SOLUTION: Rewritten Step 7 with proper ssh-agent persistence that:
- Detects existing running agents and reuses socket
- Persists socket location across shell sessions
- Auto-loads SSH key on new terminals
- Works reliably across multiple terminal windows

Key changes:
- Saves SSH_AUTH_SOCK to ~/.ssh/agent.sock for persistence
- Auto-adds key if not already loaded
- Includes simpler fallback version if complex version fails
- Detailed troubleshooting section
- Clear instructions on placement in ~/.bashrc

Agent now stays loaded for the entire user session duration.
SSH Key Setup for New VPS
Quick guide to add your SSH private key to a new VPS and configure it for Gitea.
Step 1: Create .ssh Directory
mkdir -p ~/.ssh
Step 2: Add Private Key
Get your private key from 1Password and create the file:
cat > ~/.ssh/id_ed25519 << 'KEY'
[PASTE YOUR ENTIRE PRIVATE KEY HERE - from -----BEGIN to -----END]
KEY
Step 3: Set Correct Permissions
This is critical for SSH to work:
chmod 600 ~/.ssh/id_ed25519
chmod 700 ~/.ssh
ssh will not use a private key whose file permissions let other users read it.
Step 4: Start SSH Agent
eval "$(ssh-agent -s)"
You should see: Agent pid XXXXX
Step 5: Add Key to Agent
ssh-add ~/.ssh/id_ed25519
You should see: Identity added
Step 6: Test Connection
ssh -T git@100.120.125.113
It should respond with an authentication success message.
Step 7: Make SSH Agent Persistent (FIXED)
The original Step 7 was buggy - the agent would die on logout. Here's the working solution.
Add this to the END of your ~/.bashrc:
# SSH Agent Persistence - Add to end of ~/.bashrc
if [ -z "$SSH_AUTH_SOCK" ]; then
    if pgrep -u "$USER" ssh-agent > /dev/null; then
        # An agent is already running: reuse the first agent socket we own under /tmp
        export SSH_AUTH_SOCK="$(find /tmp -path "*ssh*" -name "agent.*" -user "$USER" -type s 2>/dev/null | head -1)"
    else
        # No agent running: start one and save its socket path for later shells
        eval "$(ssh-agent -s)" > /dev/null
        echo "$SSH_AUTH_SOCK" > ~/.ssh/agent.sock
    fi
fi
# Fall back to the saved socket path if nothing was found above
if [ -f ~/.ssh/agent.sock ] && [ -z "$SSH_AUTH_SOCK" ]; then
    export SSH_AUTH_SOCK="$(cat ~/.ssh/agent.sock)"
fi
# Load the key unless the agent already lists it
if ! ssh-add -l 2>/dev/null | grep -q id_ed25519; then
    ssh-add ~/.ssh/id_ed25519 2>/dev/null
fi
Then reload:
source ~/.bashrc
How This Works
- Checks if SSH_AUTH_SOCK is already set in environment
- If not set, looks for existing running agent
- If agent exists, uses its socket
- If no agent running, starts new one and saves socket location
- On new shell sessions, loads the saved socket
- Auto-adds your key if not already loaded
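The Step 7 snippet exports whatever socket path it finds under /tmp or reads back from ~/.ssh/agent.sock, so a stale path leaves new shells pointing at a dead agent. The functions below are an added example, not part of the original guide: they accept a candidate only if it is a socket owned by the current user and an agent answers on it. The function names and the AGENT_SOCK_FILE variable are assumptions; ~/.ssh/agent.sock is the guide's path.

```bash
# Added example: validate a candidate agent socket before exporting it.
# Function names and AGENT_SOCK_FILE are assumptions made for this sketch;
# ~/.ssh/agent.sock is the path the guide saves to.
AGENT_SOCK_FILE="${AGENT_SOCK_FILE:-$HOME/.ssh/agent.sock}"

# True only if $1 is a socket owned by the current user.
sock_is_ours() {
    [ -n "$1" ] && [ -S "$1" ] && [ -O "$1" ]
}

# True only if an agent answers on $1. ssh-add -l exits 0 (keys listed)
# or 1 (agent reachable, no keys); 2 means no agent could be contacted.
agent_answers() {
    SSH_AUTH_SOCK="$1" ssh-add -l >/dev/null 2>&1 || [ $? -eq 1 ]
}

# Print the first usable socket path: current environment, then saved file.
pick_agent_sock() {
    local saved="" cand
    [ -f "$AGENT_SOCK_FILE" ] && saved=$(cat "$AGENT_SOCK_FILE")
    for cand in "$SSH_AUTH_SOCK" "$saved"; do
        if sock_is_ours "$cand" && agent_answers "$cand"; then
            printf '%s\n' "$cand"
            return 0
        fi
    done
    return 1
}

# Reuse a live agent, or start one and record its socket path
# (the file is created under umask 077 so only the owner can read it).
ensure_agent() {
    local sock
    if sock=$(pick_agent_sock); then
        export SSH_AUTH_SOCK="$sock"
    else
        eval "$(ssh-agent -s)" >/dev/null
        ( umask 077; printf '%s\n' "$SSH_AUTH_SOCK" > "$AGENT_SOCK_FILE" )
    fi
}

# In ~/.bashrc, call: ensure_agent
```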
Verify Persistence
Open a new terminal and check:
echo $SSH_AUTH_SOCK
ssh-add -l
Your key should be loaded without manual re-entry.
Troubleshooting Step 7
If agent is still not persistent:
Make sure code is at the END of ~/.bashrc:
tail -20 ~/.bashrc | grep "SSH Agent"
If agent still dies, try this simpler version:
# Simpler version - add to end of ~/.bashrc
if [ -z "$SSH_AUTH_SOCK" ]; then
    eval "$(ssh-agent -s)" > /dev/null
    ssh-add ~/.ssh/id_ed25519 2>/dev/null
fi
Test with:
bash
echo "Agent: $SSH_AUTH_SOCK"
ssh-add -l
Permissions Explained
- chmod 600 = rw------- (you only)
- chmod 700 = rwx------ (you only)
- SSH requires strict permissions for security
After SSH Works
bash <(curl -s http://100.120.125.113:3000/pdm/homelab-agents/raw/branch/main/scripts/bootstrap-agents.sh)
init-project my-project
Done! Now use Gitea without passwords.