SSH-AGENT-PROXY(1) FreeBSD General Commands Manual SSH-AGENT-PROXY(1) NAME ssh-agent-proxy -- a dynamic proxy for ssh-agent(1) SYNOPSIS ssh-agent-proxy [-cdkqrs] [-a SOCK] [-p FILE] DESCRIPTION The ssh-agent-proxy command is a `dynamic' proxy for ssh-agent(1), which itself acts as an ssh authentication agent that forwards requests to a real agent. For each client request, it looks for a `real' agent by testing every available unix-domain socket that are presumably opened by ssh-agent and owned by the running user. If it finds one, proxies client requests to the socket. This is especially useful when you use screen(1) and agent forwarding. Suppose you log in to a remote host with ssh agent forwarding enabled, then run screen(1), and detach a session. The screen(1) process and all its child processes will now have a useless SSH_AUTH_SOCK value set. If you reattach the saved session later from a new ssh connection, agent forwarding will not work unless you fix the value for the processes that run ssh(1). Here is what ssh-agent-proxy is for. As the search for an available agent socket is dynamic and the path of the socket that this command cre- ates is fixed, there is no need to worry about the SSH_AUTH_SOCK value any more. You only need to have a fixed value set to SSH_AUTH_SOCK, then agent forwarding will always work fine. Just as ssh-agent(1) does, prints shell commands that can be evaluated in the calling shell to set the SSH_AUTH_SOCK variable. When finds an instance already running, it does not fork a new daemon but prints shell commands anyway so that the running shell can use the running instance. ssh-agent-proxy also tries running launchctl(1) to get the socket opened by launchd(8) via the `getenv' command if available. This is for Mac OS X 10.5+ environment. OPTIONS The following command line arguments are supported: -h --help Show help and exit. -a SOCK Alter the proxy agent socket path. The default value is /tmp/ssh%d/agent.sock, where the %d is replaced with the user ID. -c Generate C-shell commands on stdout. This is the default if SHELL looks like it's a csh style of shell. -d Turn on debug mode. When this option is specified, ssh-agent-proxy will not go background. -k Kill the proxy agent according to the process ID recorded in the pid file. -p FILE Alter the pid file path. The default value is /tmp/ssh%d/agent.pid, where the %d is replaced with the user ID. -q Supress informational messages. -r Kill the proxy agent if one is already running and restart a new one. -s Generate Bourne shell commands on stdout. This is the default if SHELL does not look like it's a csh style of shell. FILES /tmp/ssh%d/agent.pid Default location of the pid file. /tmp/ssh%d/agent.sock Default location of the proxy agent socket. /tmp/ssh-XXXXXXXXXX/agent.<ppid> Candidates for agent sockets to try. /tmp/<pid>/SSHKeychain.socket A candidate for agent sockets to try. This is for SSHKeychain on Mac OS X. SEE ALSO launchctl(1), ssh(1), ssh-agent(1), launchd(8) AUTHORS Akinori MUSHA <knu@iDaemons.org> BUGS There may be. Use at your own risk. FreeBSD August 16, 2006 FreeBSD