These two entries of man ssh-agent describe the SSH authentication socket:
$TMPDIR/ssh-XXXXXXXXXX/agent.<ppid>
UNIX-domain sockets used to contain the connection to the authentication agent. These sockets should only be readable by the owner. The sockets should get automatically removed when the agent exits.
A UNIX-domain socket is created and the name of this socket is stored in the SSH_AUTH_SOCK environment variable. The socket is made accessible only to the current user. This method is easily abused by root or another instance of the same user.
However, when I echo out the value of $SSH_AUTH_SOCK, I get this value instead: /run/user/1000/keyring-5h6wYS/ssh (with 1000 being the user ID of my current login).
I assume my local system (Ubuntu 14.10) is "hijacking" the default authentication socket and replacing it with the system keyring, but it's not mentioned in the man page, and I can't find more details on the matter.
What is going on behind the scenes, and where can I read up on more details of the process?
Best Answer
Different tools can act as ssh agents, not just ssh-agent. gpg-agent can also act as an agent for ssh, and so can gnome-keyring. Probably something from KDE also.
As long as SSH_AUTH_SOCK is getting set, you should be good to go.
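One way to check which agent is actually behind SSH_AUTH_SOCK and whether its directory is private to you, added here as an example (not part of the original question or answer). The function names and the gnome-keyring and gpg-agent path patterns are assumptions; the ssh-agent pattern comes from the man page entry quoted above, and stat -c and ss are the GNU/Linux tools.

```shell
#!/bin/sh
# Added example: identify the agent behind $SSH_AUTH_SOCK and check that the
# socket's directory is accessible only to the current user.

# Guess the agent from the socket path alone (heuristic; patterns are assumed).
guess_agent() {
    case "$1" in
        */keyring-*/ssh|*/keyring/ssh) echo gnome-keyring ;;
        */S.gpg-agent.ssh)             echo gpg-agent ;;
        */ssh-*/agent.*)               echo ssh-agent ;;
        "")                            echo none ;;
        *)                             echo unknown ;;
    esac
}

# Succeed only if the directory is owned by us and has no group/other bits.
dir_is_private() {
    [ -d "$1" ] || return 1
    owner=$(stat -c '%u' "$1") || return 1
    mode=$(stat -c '%a' "$1") || return 1
    [ "$owner" = "$(id -u)" ] || return 1
    case "$mode" in
        *00) return 0 ;;   # e.g. 700
        *)   return 1 ;;
    esac
}

# Ask the kernel which process is listening on the socket (authoritative).
socket_listener() {
    ss -xlp 2>/dev/null | grep -F -- "$1"
}

report_agent() {
    sock=$1
    echo "socket:   ${sock:-<unset>}"
    echo "guess:    $(guess_agent "$sock")"
    [ -S "$sock" ] || { echo "status:   not a socket"; return 0; }
    if dir_is_private "$(dirname "$sock")"; then
        echo "dir:      private to uid $(id -u)"
    else
        echo "dir:      NOT private, check owner and mode"
    fi
    echo "listener: $(socket_listener "$sock" || echo 'not visible via ss')"
}

report_agent "${SSH_AUTH_SOCK:-}" || true
```

The path guess is only a hint; the listener line names the process that really owns the socket.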