Skip to content

Commit 2c280b7

Browse files
committed
fix: use SSH agent or default key files when identityFile not set
1 parent 4f1e4a6 commit 2c280b7

1 file changed

Lines changed: 16 additions & 1 deletion

File tree

src/infrastructure/ssh/connection.ts

Lines changed: 16 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,6 @@
1-
import { readFileSync } from 'fs';
1+
import { readFileSync, existsSync } from 'fs';
2+
import { homedir } from 'os';
3+
import { join } from 'path';
24
import { Client, ConnectConfig, ClientChannel } from 'ssh2';
35
import { SshError } from '../../shared/errors.js';
46
import type { SshConfig, ExecResult } from '../../shared/types.js';
@@ -27,6 +29,19 @@ export class SshConnection implements RemoteExecutor {
2729

2830
if (config.identityFile) {
2931
sshConfig.privateKey = readFileSync(config.identityFile);
32+
} else if (process.env['SSH_AUTH_SOCK']) {
33+
// Use the running SSH agent (covers all keys added via ssh-add)
34+
sshConfig.agent = process.env['SSH_AUTH_SOCK'];
35+
} else {
36+
// Fall back to default key files in ~/.ssh
37+
const defaults = ['id_ed25519', 'id_ecdsa', 'id_rsa', 'id_dsa'];
38+
for (const name of defaults) {
39+
const keyPath = join(homedir(), '.ssh', name);
40+
if (existsSync(keyPath)) {
41+
sshConfig.privateKey = readFileSync(keyPath);
42+
break;
43+
}
44+
}
3045
}
3146

3247
if (config.proxyMode === 'cloudflare') {

0 commit comments

Comments
 (0)