diff --git a/configs/ssh.nix b/configs/ssh.nix
index 1011b3d..b66f5c9 100644
--- a/configs/ssh.nix
+++ b/configs/ssh.nix
@@ -18,10 +18,25 @@ in {
       maxCacheTtlSsh = 4 * defaultCacheTtlSsh;
       sshKeys = [
         "568047C91DE03A23883E340F15A9C24D313E847C"
+        "BB3EE102DB8CD45540A78A6B18B511B67061F6B4" # kfm@manakish ed25519
+        "3F8986755818B5762A096BE212777EAAC441DD9D" # fysiweb rsa
+        "0E4ABD229432486CC432639BB0986B2CDE365105" # agenix ed25519
       ];
     };
   };
 
+  environment.extraInit = ''
+    if [[ -z "$SSH_AUTH_SOCK" ]]; then
+      export SSH_AUTH_SOCK="$(${pkgs.gnupg}/bin/gpgconf --list-dirs agent-ssh-socket)"
+    fi
+  '';
+
+  environment.interactiveShellInit = ''
+    GPG_TTY="$(tty)"
+    export GPG_TTY
+    ${pkgs.gnupg}/bin/gpg-connect-agent updatestartuptty /bye > /dev/null
+  '';
+
   home-manager.users.me.programs.ssh = {
     enable = true;
     matchBlocks = rec {