diff --git a/ChangeLog b/ChangeLog
index d0ff109ae..055b18b6b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -18,6 +18,10 @@
    - stevesk@cvs.openbsd.org 2002/09/11 17:55:03
      [ssh.1]
      add agent and X11 forwarding warning text from ssh_config.5; ok markus@
+   - stevesk@cvs.openbsd.org 2002/09/11 18:27:26
+     [authfd.c authfd.h ssh.c]
+     don't connect to agent to test for presence if we've previously
+     connected; ok markus@
 
 20020911
  - (djm) Sync openbsd-compat with OpenBSD -current
@@ -1638,4 +1642,4 @@
  - (stevesk) entropy.c: typo in debug message
  - (djm) ssh-keygen -i needs seeded RNG; report from markus@
 
-$Id: ChangeLog,v 1.2456 2002/09/11 23:52:03 djm Exp $
+$Id: ChangeLog,v 1.2457 2002/09/11 23:52:46 djm Exp $
diff --git a/authfd.c b/authfd.c
index 4c4552d52..f04e0858b 100644
--- a/authfd.c
+++ b/authfd.c
@@ -35,7 +35,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: authfd.c,v 1.56 2002/06/25 16:22:42 markus Exp $");
+RCSID("$OpenBSD: authfd.c,v 1.57 2002/09/11 18:27:26 stevesk Exp $");
 
 #include <openssl/evp.h>
 
@@ -53,6 +53,8 @@ RCSID("$OpenBSD: authfd.c,v 1.56 2002/06/25 16:22:42 markus Exp $");
 #include "log.h"
 #include "atomicio.h"
 
+static int agent_present = 0;
+
 /* helper */
 int	decode_reply(int type);
 
@@ -61,6 +63,21 @@ int	decode_reply(int type);
     ((x == SSH_AGENT_FAILURE) || (x == SSH_COM_AGENT2_FAILURE) || \
     (x == SSH2_AGENT_FAILURE))
 
+int
+ssh_agent_present(void)
+{
+	int authfd;
+
+	if (agent_present)
+		return 1;
+	if ((authfd = ssh_get_authentication_socket()) == -1)
+		return 0;
+	else {
+		ssh_close_authentication_socket(authfd);
+		return 1;
+	}
+}
+
 /* Returns the number of the authentication fd, or -1 if there is none. */
 
 int
@@ -90,6 +107,7 @@ ssh_get_authentication_socket(void)
 		close(sock);
 		return -1;
 	}
+	agent_present = 1;
 	return sock;
 }
 
diff --git a/authfd.h b/authfd.h
index b2767e5c1..38ee49e88 100644
--- a/authfd.h
+++ b/authfd.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: authfd.h,v 1.30 2002/06/19 00:27:55 deraadt Exp $	*/
+/*	$OpenBSD: authfd.h,v 1.31 2002/09/11 18:27:25 stevesk Exp $	*/
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -66,6 +66,7 @@ typedef struct {
 	int	howmany;
 }	AuthenticationConnection;
 
+int	ssh_agent_present(void);
 int	ssh_get_authentication_socket(void);
 void	ssh_close_authentication_socket(int);
 
diff --git a/ssh.c b/ssh.c
index dcbf68d99..7cef5e5ac 100644
--- a/ssh.c
+++ b/ssh.c
@@ -40,7 +40,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh.c,v 1.184 2002/08/29 19:49:42 stevesk Exp $");
+RCSID("$OpenBSD: ssh.c,v 1.185 2002/09/11 18:27:26 stevesk Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/err.h>
@@ -829,11 +829,8 @@ check_agent_present(void)
 {
 	if (options.forward_agent) {
 		/* Clear agent forwarding if we don\'t have an agent. */
-		int authfd = ssh_get_authentication_socket();
-		if (authfd < 0)
+		if (!ssh_agent_present())
 			options.forward_agent = 0;
-		else
-			ssh_close_authentication_socket(authfd);
 	}
 }