Keychain is a script that provides some automation around the task of
sharing a long-running ssh-agent between processes. It works on Linux, BSD,
Cygwin, Tru64, HP-UX, Mac OS X, Solaris, and others.
Historical tarballs and rpms can be downloaded below,
and you can find the old mercurial repository
here.
- keychain 2.6.8 (24 Oct 2006)
Save LC_ALL for gpg invocation so that pinentry-curses works. This affected
peper and kloeri, though it seems to work for me in any case.
- keychain 2.6.7 (24 Oct 2006)
Prevent gpg_listmissing from accidentally loading keys
- keychain 2.6.6 (08 Sep 2006)
Make --lockwait -1 mean forever. Previously 0 meant forever but was
undocumented. Add more locking regression tests #137981
- keychain 2.6.5 (08 Sep 2006)
Break out of loop when empty lockfile can't be removed #127471. Add locking
regression tests:
100_lock_stale 101_lock_held 102_lock_empty 103_lock_empty_cant_remove
- keychain 2.6.4 (08 Sep 2006)
Add validinherit function so that validity of SSH_AUTH_SOCK and friends can be
validated from startagent rather than up front. The advantage is that warning
messages aren't emitted unnecessarily when --inherit *-once.
Fix --eval for fish, and add new testcases:
053_start_with_--eval_ksh
054_start_with_--eval_fish
055_start_with_--eval_csh
- keychain 2.6.3 (07 Sep 2006)
Support fish: http://roo.no-ip.org/fish/
Thanks to Ilkka Poutanen for the patch.
- keychain 2.6.2 (20 Mar 2006)
Add --confirm option and corresponding regression tests for Debian bug 296382.
Thanks to Liyang HU for the patch. Also add initialization for $ssh_timeout
which was being inherited from the environment and add regression tests for
--timeout
- keychain 2.6.1 (10 Oct 2005)
Change "unset evalopt" to "evalopt=false" and run through *all* the regression
tests instead of just the new ones. *sigh*
- keychain 2.6.0 (10 Oct 2005)
Add the --eval option which makes keychain startup easier. See the man-page
for examples. Get rid of the release notes from README, so now this file is
where changes are tracked.
- keychain 2.5.5 (28 Jul 2005)
Add the --env option and automatic reading of .keychain/env. This allows
variables such as PATH to be overridden for peculiar environments
- keychain 2.5.4.1 (11 May 2005)
A minor bug in 2.5.4 resulted in always exiting with non-zero status. Change
back to the correct behavior of zero for success, non-zero for failure
- keychain 2.5.4 (11 May 2005)
Fix bug 92316: If any locale variables are set, override them with LC_ALL=C.
This fixes a multibyte issue with awk that could keep a running ssh-agent from
being found.
Fix bug 87340: Use files instead of symlinks for locking, since symlink
creation is not atomic on cygwin.
- keychain 2.5.3.1 (10 Mar 2005)
Fix problem introduced in 2.5.3 wrt adding gpg keys to the agent. Thanks
to Azarah for spotting it.
- keychain 2.5.3 (09 Mar 2005)
Improve handling of DISPLAY by unsetting if blank. Call gpg with
--use-agent explicitly.
- keychain 2.5.2 (06 Mar 2005)
Fix bug 78974 "keychain errors on Big/IP (x86 BSD variant)" by refraining
from using ! in conditional expressions. Fix RSA fingerprint extraction
on Solaris, reported in email by Travis Fitch. Use $HOSTNAME when
possible instead of calling uname -n to improve bash_profile
compatibility.
- keychain 2.5.1 (12 Jan 2005)
Don't accidentally inherit a forwarded agent when
inheritwhich=local-once. Move the --stop warning after the version
splash.
- keychain 2.5.0 (07 Jan 2005)
Add inheritance support via --inherit. Add parameters to --stop for
more control. Change the default behavior of keychain to inherit if
there's no keychain agent running ("--inherit local-once"), and
refrain from killing other agents unless "--stop others" is
specified.
- keychain 2.4.3 (17 Nov 2004)
Fix bug 69879: Update findpids to work again on BSD; it has been
broken since the changes in version 2.4.2. Now we use OSTYPE (bash)
or uname to determine the system type and call ps appropriately.
- keychain 2.4.2.1 (30 Sep 2004)
Fix minor issues in the test for existing gpg keys wrt DISPLAY
- keychain 2.4.2 (29 Sep 2004)
Make gpg support more complete. Allow adding keys, clearing the
agent, etc. Fix --quick support to work properly again; it was
broken since 2.4.0. Change default --attempts to 1 since the progs
ask multiple times anyway.
- keychain 2.4.1 (22 Sep 2004)
Fix bugs 64174 and 64178; support Sun SSH, which is really OpenSSH
in disguise and a few critical outputs changed. Thanks to Nathan
Bardsley for lots of help debugging on Solaris 9
Fix pod2man output so it formats properly on SGI systems. Thanks to
Matthew Moore for reporting the problem.
- keychain 2.4.0 (09 Sep 2004)
Fix bug 26970 with first pass at gpg-agent support
Fix Debian bug 269722; don't filter output of ssh-add
Fix bug reported by Marko Myllynen regarding keychain and Solaris
awk's inability to process -F'[ :]'
Fix bug in now_seconds calculation, noticed by me.
- keychain 2.3.5 (28 Jul 2004)
Fix bug 58623 with patch from Daniel Westermann-Clark; don't put an
extra newline in the output of listmissing
Generate keychain.spec from keychain.spec.in automatically so that
the version can be set appropriately.
- keychain 2.3.4 (24 Jul 2004)
Fix bug 28599 reported by Bruno Pelaia; ignore defunct processes in
ps output
- keychain 2.3.3 (30 Jun 2004)
Fix bug reported by Matthew S. Moore in email; escape the backticks
in --help output
Fix bug reported by Herbie Ong in email; set pidf, cshpidf and lockf
variables after parsing command-line to honor --dir setting
Fix bug reported by Stephan Stahl in email; make spaces in filenames
work throughout keychain, even in pure Bourne shell
Fix operation on HP-UX with older OpenSSH by interpreting output of
ssh-add as well as the error status
- keychain 2.3.2 (16 Jun 2004)
Fix bug 53837 (keychain needs ssh-askpass) by unsetting SSH_ASKPASS
when --nogui is specified
- keychain 2.3.1 (03 Jun 2004)
Fix bug 52874: problems when the user is running csh
- keychain 2.3.0 (14 May 2004)
Rewrite the locking code to avoid procmail
- keychain 2.2.2 (03 May 2004)
Call loadagent prior to generating HOSTNAME-csh file so that
variables are set.
- keychain 2.2.1 (27 Apr 2004)
Find running ssh-agent processes by searching for /[s]sh-agen/
instead of /[s]sh-agent/ for the sake of Solaris, which cuts off ps
-u output at 8 characters. Thanks to Clay England for reporting the
problem and testing the fix.
- keychain 2.2.0 (21 Apr 2004)
Rewrote most of the code, organized into functions, fixed speed
issues involving ps, fixed compatibility issues for various UNIXes,
hopefully didn't introduce too many bugs. This version has a
--quick option (for me) and a --timeout option (for carpaski).
Also added a Makefile and converted the man-page to pod for easier
editing. See perlpod(1) for information on the format. Note that
the pod is sucked into keychain and colorized when you run make.