diff --git a/openssh/ssh-keyman b/openssh/ssh-keyman
index 785029289e..8354e22939 100644
--- a/openssh/ssh-keyman
+++ b/openssh/ssh-keyman
@@ -100,39 +100,49 @@ export SSH_AGENT_PID # perform agent information sanity check check_agent_info () { - location="$1" - if [ ".$SSH_AUTH_SOCK" != . -o ".$SSH_AGENT_PID" != . ]; then - invalid="" - if [ ".$SSH_AUTH_SOCK" = . -o ".$SSH_AGENT_PID" = . ]; then - # just one of the two information is not enough - invalid="partial agent information missing" + context="$1" + invalid1="" + invalid2="" + if [ ".$SSH_AUTH_SOCK" != . ]; then + # make sure the agent socket is (still) working + if [ ! -r $SSH_AUTH_SOCK ]; then + invalid1="agent socket $SSH_AUTH_SOCK no longer exists" else - # make sure the agent process is (still) running - kill -0 $SSH_AGENT_PID >/dev/null 2>&1 - if [ $? -ne 0 ]; then - invalid="agent process $SSH_AGENT_PID is no longer valid" - else - if [ ! -r $SSH_AUTH_SOCK ]; then - invalid="agent socket $SSH_AUTH_SOCK is no longer existing" - fi + ssh-add -l >/dev/null 2>&1 + if [ $? -eq 2 ]; then + invalid1="agent socket $SSH_AUTH_SOCK no longer valid" fi fi - if [ ".$invalid" != . ]; then - echo "$prog_name:WARNING: invalid agent information found in $location." 1>&2 - echo "$prog_name:WARNING: reason: $invalid." 1>&2 - if [ ".$location" = ".your shell environment" ]; then + fi + if [ ".$SSH_AGENT_PID" != . ]; then + # make sure the agent process is (still) running + kill -0 $SSH_AGENT_PID >/dev/null 2>&1 + if [ $? -ne 0 ]; then + invalid2="agent process $SSH_AGENT_PID no longer exists" + fi + fi + if [ ".$invalid1" != . -o ".$invalid2" != . ]; then + if [ ".$opt_e" = .no ]; then + echo "$prog_name:WARNING: invalid agent setup found in $context." 1>&2 + if [ ".$invalid1" != . ]; then + echo "$prog_name:WARNING: reason: $invalid1." 1>&2 + fi + if [ ".$invalid2" != . ]; then + echo "$prog_name:WARNING: reason: $invalid2." 1>&2 + fi + if [ ".$context" = ".your shell environment" ]; then echo "$prog_name:HINT: run \"eval \`$prog_name -q -s -e\`\" to fix." 
1>&2 fi - unset SSH_AUTH_SOCK - unset SSH_AGENT_PID fi + unset SSH_AUTH_SOCK + unset SSH_AGENT_PID fi } check_agent_info "your shell environment" if [ -f $agentfile ]; then . $agentfile check_agent_info "in saved agent state" - if [ ".$SSH_AUTH_SOCK" = . -a ".$SSH_AGENT_PID" = . ]; then + if [ ".$SSH_AUTH_SOCK" = . -o ".$SSH_AGENT_PID" = . ]; then rm -f $agentfile fi fi 
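Review bot: The added liveness probe in check_agent_info calls `ssh-add -l` by bare name, while the other hunks of this diff invoke the tool as `$ssh_add`; a PATH lookup here can resolve to a different binary than the one the script is configured to use, so the probe should read `$ssh_add -l >/dev/null 2>&1`. The socket test `[ ! -r $SSH_AUTH_SOCK ]` is unquoted and takes its value from the environment or from the sourced state file, so a path with whitespace or glob characters breaks the test; `[ ! -S "$SSH_AUTH_SOCK" ]` would be quoted and would also confirm the path is a socket. The same quoting applies to `kill -0 $SSH_AGENT_PID`, and a passing `kill -0` only shows that a process with that pid can be signalled, not that it is the agent, which is worth a comment next to the check.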
@@ -154,63 +164,73 @@ if [ ".$opt_k" = .yes ]; then # stop the agent kill=yes - if [ ".$SSH_AUTH_SOCK" = . -a ".$SSH_AGENT_PID" = . ]; then - if [ ".$opt_q" = .no ]; then - echo "$prog_name: agent not running" - fi - else + if [ ".$SSH_AUTH_SOCK" != . -a ".$SSH_AGENT_PID" != . ]; then kill $SSH_AGENT_PID >/dev/null 2>&1 || true if [ ".$opt_q" = .no ]; then - echo "$prog_name: stopped agent (pid $SSH_AGENT_PID)" + echo "$prog_name: stopped agent (pid $SSH_AGENT_PID)" 1>&2 fi rm -f $agentfile unset SSH_AUTH_SOCK unset SSH_AGENT_PID + elif [ ".$SSH_AUTH_SOCK" != . -a ".$SSH_AGENT_PID" = . ]; then + if [ ".$opt_q" = .no ]; then + echo "$prog_name: agent running remotely - cannot kill locally" 1>&2 + fi + else + if [ ".$opt_q" = .no ]; then + echo "$prog_name: agent not running" 1>&2 + fi fi fi # start the agent if [ ".$opt_s" = .yes ]; then - if [ ".$SSH_AUTH_SOCK" != . -a ".$SSH_AGENT_PID" != . ]; then - if [ ".$opt_q" = .no ]; then - echo "$prog_name: agent already running" - fi - else + if [ ".$SSH_AUTH_SOCK" = . -a ".$SSH_AGENT_PID" = . ]; then eval `nohup $ssh_agent -s /dev/null | grep -v 'Agent pid'` if [ ".$opt_q" != .yes ]; then - echo "$prog_name: spawned agent (pid $SSH_AGENT_PID)" + echo "$prog_name: spawned agent (pid $SSH_AGENT_PID)" 1>&2 fi ( echo "SSH_AUTH_SOCK=$SSH_AUTH_SOCK" echo "SSH_AGENT_PID=$SSH_AGENT_PID" ) >$agentfile && chmod 600 $agentfile + elif [ ".$SSH_AUTH_SOCK" != . -a ".$SSH_AGENT_PID" = . ]; then + if [ ".$opt_q" = .no ]; then + echo "$prog_name: agent already running remotely - no need to start locally" 1>&2 + fi + else + if [ ".$opt_q" = .no ]; then + echo "$prog_name: agent already running" 1>&2 + fi fi fi # setup environment if [ ".$opt_e" = .yes ]; then - if [ ".$SSH_AUTH_SOCK" = . -a ".$SSH_AGENT_PID" = . 
]; then - echo "$prog_name:WARNING: agent not running" 1>&2 + if [ -r $agentfile ]; then + sed -e 's/$/;/g' <$agentfile + echo "export SSH_AUTH_SOCK;" + echo "export SSH_AGENT_PID;" else - cat $agentfile - echo "export SSH_AUTH_SOCK" - echo "export SSH_AGENT_PID" + echo "$prog_name:WARNING: agent not (or no longer) available" 1>&2 + echo "unset SSH_AUTH_SOCK;" + echo "unset SSH_AGENT_PID;" fi fi # delete key(s) from agent if [ ".$opt_d" = .yes ]; then - if [ ".$SSH_AUTH_SOCK" = . -a ".$SSH_AGENT_PID" = . ]; then - echo "$prog_name:WARNING: agent not running" 1>&2 + if [ ".$SSH_AUTH_SOCK" = . ]; then + echo "$prog_name:WARNING: agent not available" 1>&2 else if [ $# -eq 0 ]; then if [ ".$opt_q" = .no ]; then - echo "$prog_name: deleting all keys" + echo "$prog_name: deleting all keys" 1>&2 fi $ssh_add -D else if [ ".$opt_q" = .no ]; then for key in "$@"; do - echo "$prog_name: deleting key $key" + echo "$prog_name: deleting key $key" 1>&2 done fi $ssh_add -d "$@" @@ -220,8 +240,8 @@ fi # add key(s) into agent if [ ".$opt_a" = .yes ]; then - if [ ".$SSH_AUTH_SOCK" = . -a ".$SSH_AGENT_PID" = . ]; then - echo "$prog_name:WARNING: agent not running" 1>&2 + if [ ".$SSH_AUTH_SOCK" = . ]; then + echo "$prog_name:WARNING: agent not available" 1>&2 else if [ $# -eq 0 ]; then echo "$prog_name:ERROR: no keys specified on command line" 1>&2 @@ -244,12 +264,12 @@ if [ ".$opt_a" = .yes ]; then done if [ ".$load" = .yes ]; then if [ ".$opt_q" = .no ]; then - echo "$prog_name: loading key $key_file" + echo "$prog_name: loading key $key_file" 1>&2 fi key_missing="$key_missing $key_file" else if [ ".$opt_q" = .no ]; then - echo "$prog_name: skipping key $key_file (already loaded)" + echo "$prog_name: skipping key $key_file (already loaded)" 1>&2 fi fi done 
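Review bot: The new `-e` branch decides only on `[ -r $agentfile ]`, so in the forwarded-agent case that the `-k` and `-s` branches of this hunk now recognise (`SSH_AUTH_SOCK` set, `SSH_AGENT_PID` empty, and no state file written by `-s`) it prints `unset SSH_AUTH_SOCK;`, and a caller that evals the output as the HINT suggests would lose its working socket. Guarding the unset arm with `elif [ ".$SSH_AUTH_SOCK" = . ]; then` would leave a validated remote socket alone. Separately, the `sed -e 's/$/;/g' <$agentfile` line replays the file's contents into text meant for `eval` in the caller's shell, and the file is written with unquoted values; printing the two variables that check_agent_info has already validated, with the values quoted, and quoting `$agentfile` itself, would keep a malformed state file from being interpreted as code there.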
@@ -261,8 +281,8 @@ fi # list key(s) available in agent if [ ".$opt_l" = .yes ]; then - if [ ".$SSH_AUTH_SOCK" = . -a ".$SSH_AGENT_PID" = . ]; then - echo "$prog_name:WARNING: agent not running" 1>&2 + if [ ".$SSH_AUTH_SOCK" = . ]; then + echo "$prog_name:WARNING: agent not available" 1>&2 else $ssh_add -l fi