lmb/README.md

## README.md

      
    Raw
  

              README.md
            
          
    This recipe allows you to use the ssh-agent from nix-env with the auto generated SSH_AUTH_SOCK in /private/tmp.
It works because disabling com.openssh.ssh-agent doesn't stop launchd from allocating SSH_AUTH_SOCK. com.nix.ssh-agent
spawns a shell to remove the socket and then execute the homebrew ssh-agent.

Install openssh from nix: nix-env --install --attr nikpkgs.openssh
Disable the built in macOS agent: launchctl disable gui/$UID/com.openssh.ssh-agent
Copy com.nix.ssh-agent.plist into ~/Library/LaunchAgents
Enable the new agent: launchctl bootstrap gui/$UID ~/Library/LaunchAgents/com.nix.ssh-agent.plist
Ensure that the correct agent is running:
% launchctl list | grep ssh
-	0	com.openssh.ssh-agent
23986	0	com.nix.ssh-agent


## com.nix.ssh-agent.plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>Label</key>
	<string>com.nix.ssh-agent</string>
	<key>ProgramArguments</key>
	<array>
		<string>/bin/sh</string>
		<string>-c</string>
		<!-- We reuse SSH_AUTH_SOCK from com.openssh.ssh-agent -->
		<string>rm -f $SSH_AUTH_SOCK; exec $HOME/.nix-profile/bin/ssh-agent -D -a $SSH_AUTH_SOCK</string>
	</array>
	<key>RunAtLoad</key>
	<true/>
</dict>
</plist>
	<?xml version="1.0" encoding="UTF-8"?>
	<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
	<plist version="1.0">
	<dict>
	<key>Label</key>
	<string>com.nix.ssh-agent</string>
	<key>ProgramArguments</key>
	<array>
	<string>/bin/sh</string>
	<string>-c</string>
	<!-- We reuse SSH_AUTH_SOCK from com.openssh.ssh-agent -->
	<string>rm -f $SSH_AUTH_SOCK; exec $HOME/.nix-profile/bin/ssh-agent -D -a $SSH_AUTH_SOCK</string>
	</array>
	<key>RunAtLoad</key>
	<true/>
	</dict>
	</plist>