From 71038b0a65bd28af60a2af182766b99a357b3f2d Mon Sep 17 00:00:00 2001
From: Gardouille
Date: Sun, 19 Sep 2021 17:58:44 +0200
Subject: [PATCH] Directly use ssh-agent instead of keychain
---
 zlogin | 17 +++++------------
 zshenv | 5 +++++
 zshrc | 29 +++++++++++++++++------------
 3 files changed, 27 insertions(+), 24 deletions(-)
diff --git a/zlogin b/zlogin
index 81b4c90..a7d31bf 100644
--- a/zlogin
+++ b/zlogin
@@ -77,23 +77,16 @@ if [ ${USER} != "root" ] && [ $(command -v startx) ]; then
 fi
 fi
-# Keychain {{{
-## TODO: user must be able to see ssh-agent process
-## Be careful with hidepid !
-if [ -f $HOME/.ssh/id_rsa ]; then
- eval $(keychain --eval --quiet --agents ssh id_rsa)
-fi
-
-if [ -f $HOME/.ssh/id_ed25519 ]; then
- eval $(keychain --eval --quiet --agents ssh id_ed25519)
-fi
+# ssh-agent with fix socket path {{{
+## See load-ssh-agent function in ~/.zsh/zshrc
+load-ssh-agent
 # }}}
-# GPG Agent
+# GPG Agent {{{
 if [ -f $HOME/.gnupg/secring.gpg ]; then
 # Keychain
 ## Don't ask for gpg password, it will be asked at the first usage
 keychain --noask --agents gpg
 . $HOME/.keychain/$HOST-sh-gpg
 fi
-
+# }}}
diff --git a/zshenv b/zshenv
index 6c294c9..54a32d4 100644
--- a/zshenv
+++ b/zshenv
@@ -100,3 +100,8 @@ if [ $(command -v tmux) ]; then
 export TMUX_TMPDIR=~/.tmux/socks/
 [ ! -d "${TMUX_TMPDIR}" ] && mkdir -p -- "${TMUX_TMPDIR}" || chmod 0700 -- "${TMUX_TMPDIR}"
 fi
+
+# SSH
+## Specify ssh-agent socket path
+SSH_AGENT_SOCK="${HOME}/.ssh/socks/ssh_auth"
+SSH_AGENT_ENV="${HOME}/.ssh/socks/ssh_agent_env"
diff --git a/zshrc b/zshrc
index 809be3a..32456ad 100644
--- a/zshrc
+++ b/zshrc
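Review bot: The new `load-ssh-agent` call in zlogin depends on a function that this patch defines in zshrc, and zsh reads zshrc only for interactive shells while zlogin is read for every login shell. A non-interactive login shell would therefore reach this line with the function undefined and report "command not found". Guarding the call, for example `(( $+functions[load-ssh-agent] )) && load-ssh-agent`, or moving the function into a file that both startup paths source, avoids that.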
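Review bot: Nothing visible in this patch creates `~/.ssh/socks`, the directory both new zshenv variables point into, whereas the tmux block just above creates its socket directory and sets it to mode 0700. `ssh-agent -a` cannot bind the socket when the directory is missing, and because `load-ssh-agent` later sources `${SSH_AGENT_ENV}` from that directory, it should be writable by the owner only. Unless the directory is provisioned elsewhere, consider adding `[ -d "${HOME}/.ssh/socks" ] || mkdir -p -m 0700 -- "${HOME}/.ssh/socks"` after the two assignments.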
@@ -314,20 +314,25 @@ alias ping6="ping6 -c 3"
 ## JOSM
 alias josm="java -jar -Xmx2048M /opt/josm-tested.jar"
-# Keychain
-## For SSH {{{
-function ssh() {
- ## If keychain exists, run ssh from default $PATH as usual
- if [ -f ~/.keychain/"${HOST}"-sh ]; then
- command -p ssh "${*}"
- else ## Otherwise, reload keychain and run ssh
- keychain --agents ssh
- source ~/.keychain/"${HOST}"-sh
- command -p ssh "${*}"
+# Function to load ssh-agent with a fix socket path {{{
+## This function can be used :
+## 1. in zlogin (for a new shell)
+function load-ssh-agent() {
+ ## If a ssh-key is available
+ ## AND ssh-agent not launched
+ if find "${HOME}/.ssh" -maxdepth 1 -type f -iname "id_*" > /dev/null 2>&1 &&
+ ! ps -x | grep -v grep | grep -Fq -- "ssh-agent -a ${SSH_AGENT_SOCK}"; then
+ ### Remove any previous socket and environment files
+ rm --force -- "${SSH_AGENT_SOCK}" "${SSH_AGENT_ENV}"
+ ### Start ssh-agent with a specified socket path
+ ### AND store informations in a file
+ ssh-agent -a "${SSH_AGENT_SOCK}" > "${SSH_AGENT_ENV}"
 fi
+ ## Load content of ssh-agent environment file
+ source "${SSH_AGENT_ENV}"
 }
-## }}}
-## For GPG {{{
+# }}}
+## Keychain for GPG {{{
 function gpg() {
 ## If keychain exists, run gpg from default $PATH as usual
 if [ -f ~/.keychain/"${HOST}"-sh-gpg ]; then
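Review bot: The key-file test in `load-ssh-agent` cannot fail: `find` exits 0 whether or not anything matches `id_*`, so the first half of the `if` is true whenever `~/.ssh` can be read and an agent is started even for an account with no keys. The `source "${SSH_AGENT_ENV}"` after the `fi` also runs when nothing was started, so it errors when the file is absent and otherwise executes whatever that file holds, including ssh-agent's `echo Agent pid` line on every new shell. Testing find's output instead of its status, and sourcing the file only when it is a regular file owned by the current user with its output discarded, closes both gaps; a sketch follows. Separately, the `ps | grep` check can race when two login shells start together (the second may remove the socket the first just created); asking the socket directly with `SSH_AUTH_SOCK="${SSH_AGENT_SOCK}" ssh-add -l`, which exits 2 when no agent answers, would be a sturdier liveness test.

```shell
function load-ssh-agent() {
  ## Start an agent only when a key file really exists
  ## (find exits 0 even when nothing matches, so test its output)
  if [ -n "$(find "${HOME}/.ssh" -maxdepth 1 -type f -iname "id_*" -print -quit 2> /dev/null)" ] &&
    ! ps -x | grep -v grep | grep -Fq -- "ssh-agent -a ${SSH_AGENT_SOCK}"; then
    # … unchanged: rm of the old socket/env file, ssh-agent -a … > env file …
  fi
  ## Source the env file only if it is a regular file owned by this user,
  ## and drop the "Agent pid" echo it contains
  if [ -f "${SSH_AGENT_ENV}" ] && [ -O "${SSH_AGENT_ENV}" ]; then
    source "${SSH_AGENT_ENV}" > /dev/null
  fi
}
```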