diff --git a/modules/services/ssh-agent.nix b/modules/services/ssh-agent.nix
index e7f81182f8f7..fb79f75db78c 100644
--- a/modules/services/ssh-agent.nix
+++ b/modules/services/ssh-agent.nix
@@ -86,11 +86,18 @@ in
         Description = "SSH authentication agent";
         Documentation = "man:ssh-agent(1)";
       };
-      Service.ExecStart = "${lib.getExe' cfg.package "ssh-agent"} -D -a %t/${cfg.socket}${
-        lib.optionalString (
-          cfg.defaultMaximumIdentityLifetime != null
-        ) " -t ${toString cfg.defaultMaximumIdentityLifetime}"
-      }";
+      Service = {
+        ExecStart = "${lib.getExe' cfg.package "ssh-agent"} -D -a %t/${cfg.socket}${
+          lib.optionalString (
+            cfg.defaultMaximumIdentityLifetime != null
+          ) " -t ${toString cfg.defaultMaximumIdentityLifetime}"
+        }";
+        ExecStartPost = "${pkgs.writeShellScript "update-ssh-agent-env" ''
+          if [ -z "$SSH_AUTH_SOCK" ]; then
+            ${pkgs.dbus}/bin/dbus-update-activation-environment --systemd "$@"
+          fi
+        ''} SSH_AUTH_SOCK=%t/${cfg.socket}";
+      };
     };
   };
 }
diff --git a/tests/modules/services/ssh-agent/basic-service-expected.service b/tests/modules/services/ssh-agent/basic-service-expected.service
index c03d61204fec..152215a62db5 100644
--- a/tests/modules/services/ssh-agent/basic-service-expected.service
+++ b/tests/modules/services/ssh-agent/basic-service-expected.service
@@ -3,6 +3,7 @@ WantedBy=default.target
 
 [Service]
 ExecStart=@openssh@/bin/ssh-agent -D -a %t/ssh-agent/socket
+ExecStartPost=/nix/store/00000000000000000000000000000000-update-ssh-agent-env SSH_AUTH_SOCK=%t/ssh-agent/socket
 
 [Unit]
 Description=SSH authentication agent
diff --git a/tests/modules/services/ssh-agent/basic-service.nix b/tests/modules/services/ssh-agent/basic-service.nix
index 26ab96ed22f3..d3913bcc4317 100644
--- a/tests/modules/services/ssh-agent/basic-service.nix
+++ b/tests/modules/services/ssh-agent/basic-service.nix
@@ -6,7 +6,7 @@
 
   nmt.script = ''
     assertFileContent \
-      home-files/.config/systemd/user/ssh-agent.service \
+      $(normalizeStorePaths home-files/.config/systemd/user/ssh-agent.service) \
       ${./basic-service-expected.service}
   '';
 }
diff --git a/tests/modules/services/ssh-agent/timeout-service-expected.service b/tests/modules/services/ssh-agent/timeout-service-expected.service
index ce16f584c98e..925e7932f933 100644
--- a/tests/modules/services/ssh-agent/timeout-service-expected.service
+++ b/tests/modules/services/ssh-agent/timeout-service-expected.service
@@ -3,6 +3,7 @@ WantedBy=default.target
 
 [Service]
 ExecStart=@openssh@/bin/ssh-agent -D -a %t/ssh-agent -t 1337
+ExecStartPost=/nix/store/00000000000000000000000000000000-update-ssh-agent-env SSH_AUTH_SOCK=%t/ssh-agent
 
 [Unit]
 Description=SSH authentication agent
diff --git a/tests/modules/services/ssh-agent/timeout-service.nix b/tests/modules/services/ssh-agent/timeout-service.nix
index 99f4cf8b20af..8d102c75c124 100644
--- a/tests/modules/services/ssh-agent/timeout-service.nix
+++ b/tests/modules/services/ssh-agent/timeout-service.nix
@@ -6,7 +6,7 @@
 
   nmt.script = ''
     assertFileContent \
-      home-files/.config/systemd/user/ssh-agent.service \
+      $(normalizeStorePaths home-files/.config/systemd/user/ssh-agent.service) \
       ${./timeout-service-expected.service}
   '';
 }