kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-04-05 16:44:16 +02:00
Code Issues Packages Projects Releases Wiki Activity
computer-playbook/roles/client-ssh/README.md

34 lines
2.0 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# SSH Agent 🔐
## Description
This Ansible role ensures a functional and persistent SSH Agent setup on Arch Linux (Manjaro) systems running GNOME with Wayland. It manages SSH configuration by cloning a remote Git repository into the user's `~/.ssh` directory and sets up a systemd user service to start the SSH agent automatically at login.
To understand the broader context of SSH, read more on [Wikipedia SSH](https://en.wikipedia.org/wiki/Secure_Shell) or visit the official [OpenSSH project](https://www.openssh.com/).
This role was designed and validated in the context of [this discussion](https://chatgpt.com/share/67ed0e25-7240-800f-9ab2-9fffc569bc20) on configuring SSH agents for KeePassXC compatibility under Wayland sessions.
## Overview
This role is intended for Manjaro/Arch systems where `gnome-keyring` no longer reliably manages `ssh-agent` due to changes in behavior under Wayland. It works by deploying a `systemd --user` service, making SSH Agent integration predictable and independent of graphical environment quirks.
## Purpose
The purpose of this role is to automate the provisioning of SSH agent capabilities and synchronize the `.ssh` directory from a Git repository. This enables users to access private repositories or authenticate with remote servers immediately after login.
## Features
- **Clones a remote SSH config repository** into `~/.ssh` using the `client-git` role.
- **Deploys and enables a systemd user service** for `ssh-agent`.
- **Ensures environment compatibility** by injecting the `SSH_AUTH_SOCK` variable into either `.bash_profile` or `.profile`.
- **Fails gracefully** with an optional debug message if the Git repository is unreachable.
- **KeePassXC ready**: Ensures compatibility with password managers that support SSH agent integration.
## Credits 📝
Developed and maintained by **Kevin Veen-Birkenbach**.
Learn more at [www.veen.world](https://www.veen.world)
Part of the [CyMaIS Project](https://github.com/kevinveenbirkenbach/cymais)
License: [CyMaIS NonCommercial License (CNCL)](https://s.veen.world/cncl)
Reference in New Issue View Git Blame Copy Permalink