Can't change SSH_AUTH_SOCK with launchctl setenv

2

I want to set the value of SSH_AUTH_SOCK to a different location on an OSX El Capitan system. I attempted to do so by executing the following command:

$ launchctl setenv SSH_AUTH_SOCK ~/.gnupg/S.gpg-agent.ssh

However, SSH_AUTH_SOCK still holds the default value even after I restart the terminal:

$ echo $SSH_AUTH_SOCK
/private/tmp/com.apple.launchd.XXXXXXXXXX/Listeners

But interestingly, when I query the value of SSH_AUTH_SOCK using launchctl, I get the desired result:

$ launchctl getenv SSH_AUTH_SOCK
/Users/sora/.gnupg/S.gpg-agent.ssh

How can I correctly set the value of SSH_AUTH_SOCK system-wide?

EDIT: SSH_AUTH_SOCK was not set in any of the shell startup files (e.g. ~/.zshrc, /etc/zshrc, /etc/zprofile)

Sora Minazuki

Posted 2016-09-03T01:33:39.657

Reputation: 139

Did you try to re-login or reboot? – Jakuje – 2016-09-03T06:06:29.030

@Jakuje Yes, but the problem persisted after reboot. – Sora Minazuki – 2016-09-03T13:10:30.963

1Run into absolutely same issue! I know it's 2 years old question, but did you manage to solve it? This still persists on High Sierra. So weird... Even Apples launchd doesn't work on their own OS as expected... – Drew – 2018-06-06T23:56:43.003

Unfortunately, I haven't been able to find a direct solution. However, it is possible to work around this particular problem by using the IdentityAgent option in SSH_CONFIG.

– Sora Minazuki – 2018-06-07T01:20:15.137

Answers

1

This is mostly extracted from the excellant post here.

You need to make a plist file in your ~/Library/LaunchAgents directory with the following content.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
  <key>Label</key>
  <string>link-ssh-auth-sock</string>
  <key>ProgramArguments</key>
  <array>
    <string>/bin/sh</string>
    <string>-c</string>
    <string>/bin/ln -sf $HOME/.gnupg/S.gpg-agent.ssh $SSH_AUTH_SOCK</string>
  </array>
  <key>RunAtLoad</key>
  <true/>
</dict>
</plist>

Should do the trick.

zchrykng

Posted 2016-09-03T01:33:39.657

Reputation: 482

This is a workaround, but doesn't really answer the specific question of how to actually set SSH_AUTH_SOCK to an arbitrary value system-wide. Which I'd love to know the answer to. As mentioned launchctl setenv doesn't seem to work for that particular environment variable. – matthew – 2019-02-28T16:28:35.510

Asked: 2016-09-03T01:33:39.657

Viewed: 436 times

Active: 2019-02-25T02:18:30.633