
Why eval the output of ssh-agent?

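If you initially log in to the GNOME graphical desktop environment, ssh-agent may be started and configured for you automatically, depending on your local system's configuration.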

If you log in on a text console, log in using ssh, or use sudo or su, you may need to start ssh-agent manually for that session. You can do so with the following command:

eval $(ssh-agent)

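When ssh-agent runs, it prints some shell commands. You need to run these commands to set the environment variables that programs such as ssh-add use to communicate with it. The eval $(ssh-agent) command starts ssh-agent and runs those commands, automatically setting the environment variables for that shell session. It also displays the PID of the ssh-agent process.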

How does ssh-agent work?

The eval command tells the shell to run the output of ssh-agent as shell commands; thereafter, processes run by this shell inherit the environment variables and have access to the agent.

Some people express irritation over this seemingly convoluted procedure, and wonder why they can't just run ssh-agent and be done with it. In Unix, there is no way for a process to directly change the environment of other existing processes; it can only change its own environment, and those of child processes it starts. Thus, running ssh-agent cannot affect the environment of the shell which starts the agent. Having the agent print out shell commands which can be easily executed to set the variables is as convenient as it gets.

Why eval the output of ssh-agent?

By calling eval you immediately load those variables into your environment.

As to why ssh-agent can't do that itself... Note the word choice. Not "won't", "can't". In Unix, a process can only modify its own environment variables, and pass them on to children. It can not modify its parent process' environment because the system won't allow it. This is pretty basic security design.
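
The three cases described above, side by side, as an added example that is not part of the original page. `fake_agent` is a hypothetical stand-in that prints constructed sample output in the Bourne-shell format ssh-agent emits, so the script runs without starting a real agent; the socket path and PID are made up.

```shell
#!/bin/sh
# Constructed stand-in for ssh-agent (hypothetical helper): prints sample
# output in the format the real agent emits, without starting an agent.
fake_agent() {
    echo 'SSH_AUTH_SOCK=/tmp/ssh-EXAMPLE/agent.4242; export SSH_AUTH_SOCK;'
    echo 'SSH_AGENT_PID=4243; export SSH_AGENT_PID;'
    echo 'echo Agent pid 4243;'
}

# Each case runs in its own subshell with the variables cleared,
# so the cases do not influence each other.

# 1. Only running the program: it prints text, nothing is set in the caller.
case_plain_run() (
    unset SSH_AUTH_SOCK SSH_AGENT_PID
    fake_agent >/dev/null
    echo "${SSH_AGENT_PID:-unset}"
)

# 2. A child process sets and exports the variable in its own environment;
#    the change disappears when the child exits and never reaches the parent.
case_child_sets() (
    unset SSH_AUTH_SOCK SSH_AGENT_PID
    sh -c 'SSH_AGENT_PID=4243; export SSH_AGENT_PID'
    echo "${SSH_AGENT_PID:-unset}"
)

# 3. eval in the current shell: the printed assignments run here, and the
#    exported variables are inherited by children started afterwards
#    (the position ssh-add or ssh would be in).
case_eval() (
    unset SSH_AUTH_SOCK SSH_AGENT_PID
    eval "$(fake_agent)" >/dev/null
    sh -c 'echo "$SSH_AGENT_PID $SSH_AUTH_SOCK"'
)

echo "plain run:  $(case_plain_run)"
echo "child sets: $(case_child_sets)"
echo "eval:       $(case_eval)"
```

Because eval executes whatever text it is given, the same mechanism that makes this convenient means the shell trusts the program's output completely; check that `ssh-agent` resolves to the binary you expect before evaluating its output.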