
Remember passphrases with ssh-agent — First published in fullweb.io issue #31

source link: https://gist.github.com/nepsilon/45fae11f8d173e3370c3

How to use ssh-agent to cache your SSH credentials?

Contributed by Fabien Loudet, Linux SysAdmin at Rosetta Stone

Tired of always having to enter your SSH key passphrase when logging in to remote machines? Here comes ssh-agent. Enter the passphrase once and ssh-agent will keep the unlocked key in memory for you.

Using ssh-agent in your shell session:

$ ssh-agent 
SSH_AUTH_SOCK=/tmp/ssh-hZQhwQlxahPX/agent.1833; export SSH_AUTH_SOCK; 
SSH_AGENT_PID=1834; export SSH_AGENT_PID; 
echo Agent pid 496; 

Copy and paste the first two lines from above:

$ SSH_AUTH_SOCK=/tmp/ssh-hZQhwQlxahPX/agent.1833; export SSH_AUTH_SOCK; 
$ SSH_AGENT_PID=1834; export SSH_AGENT_PID; 

Register your key and enter your passphrase for the last time in this session:

$ ssh-add .ssh/id_rsa 
Enter passphrase for .ssh/id_rsa: 
Identity added: .ssh/id_rsa (.ssh/id_rsa)

And now SSH auth will not ask you for the passphrase anymore.

BONUS: list your keys with:

$ ssh-add -l

You can also directly open a new shell session spawned by ssh-agent:

$ ssh-agent bash

The SSH_AUTH_SOCK and SSH_AGENT_PID variables will already be set in the new shell session. This spares you from exporting them manually (steps one and two above).
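
One way to script the steps above so that a running agent is reused, cached keys expire, and the agent is killed when the shell exits. This is an added example, not part of the original gist; the function names, the AGENT_LIFETIME default and the SSH_ADD_BIN / SSH_AGENT_BIN override variables are assumptions of this example.

```shell
# Added example, not part of the gist. All names below are this example's own.
AGENT_LIFETIME=${AGENT_LIFETIME:-3600}    # seconds a key stays cached (assumed default)
SSH_ADD_BIN=${SSH_ADD_BIN:-ssh-add}       # overridable so the logic can be tested
SSH_AGENT_BIN=${SSH_AGENT_BIN:-ssh-agent}

# "ssh-add -l" exits 0 with keys loaded, 1 when the agent is reachable but
# holds no keys, and 2 when no agent answers on SSH_AUTH_SOCK.
agent_state() {
    rc=0
    "$SSH_ADD_BIN" -l >/dev/null 2>&1 || rc=$?
    case $rc in
        0) echo loaded ;;
        1) echo empty ;;
        *) echo unreachable ;;
    esac
}

# Start an agent only when none is reachable, instead of one per shell.
ensure_agent() {
    if [ "$(agent_state)" = unreachable ]; then
        # -s prints the Bourne-style assignments shown above; -t makes every
        # key added later expire after AGENT_LIFETIME seconds.
        agent_env=$("$SSH_AGENT_BIN" -s -t "$AGENT_LIFETIME") || return 1
        eval "$agent_env" >/dev/null
        AGENT_STARTED_HERE=1
    fi
}

# Kill the agent on exit, but only if this shell started it, so the unlocked
# key does not stay in memory after the session ends.
stop_agent() {
    [ "${AGENT_STARTED_HERE:-0}" = 1 ] || return 0
    eval "$("$SSH_AGENT_BIN" -k)" >/dev/null
    AGENT_STARTED_HERE=0
}

# Typical use in a login script:
#   ensure_agent && trap stop_agent EXIT
#   [ "$(agent_state)" = loaded ] || ssh-add .ssh/id_rsa
```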

xkadmx commented Dec 16, 2018


I got my id_rsa identity added, still my verification problem repeats when I try to initialise push on GitHub. I use IntelliJ>VCS>Import into Version Control>Share Project on GitHub. This is the error I receive:

Successfully created project 'ProjektZ_keprim' on GitHub, but initial push failed: Warning: Permanently added the RSA host key for IP address '140.82.118.4' to the list of known hosts. [email protected]: Permission denied (publickey). Could not read from remote repository. Please make sure you have the correct access rights and the repository exists.

And more, after following steps advised above my Git Bash throws:
ZuzannaRo@ZuzannaRo24 MINGW64 /
$ ssh-add -l
2048 SHA256:pbPkCPH/XRp5RPhI3dERAWR/OJN3HAHUMXilUByp1U4 /c/Users/ZuzannaRo/.ssh/id_rsa (RSA)

Save yourself the copy and paste job with eval.

eval $(ssh-agent)

https://unix.stackexchange.com/questions/351725/why-eval-the-output-of-ssh-agent

Save yourself another step and just do:

eval $(ssh-agent) && ssh-add .ssh/id_rsa

Also note that if you have cleverly used something other than .ssh/id_rsa for your SSH keys you'll need to change the command accordingly. (I use the filename <hostname>_rsa in order to avoid mixing up SSH keys from different computers.) You could probably do this automatically with cat ~/.ssh/config, grep, and some pipes, but that's way beyond my abilities lol.

mahtin commented Oct 12, 2022

Adding the following to ~/.ssh/config will help with this. It also solves @elsiehupp's issue - i.e. there's no need to write code to do this automagically. Enjoy!

Host *
   AddKeysToAgent yes

Here's the manual page:

AddKeysToAgent
   Specifies whether keys should be automatically added to a running
   ssh-agent(1). If this option is set to yes and a key is
   loaded from a file, the key and its passphrase are added to the
   agent with the default lifetime, as if by ssh-add(1). If this
   option is set to ask, ssh will require confirmation using the
   SSH_ASKPASS program before adding a key (see ssh-add(1) for
   details). If this option is set to confirm, each use of the
   key must be confirmed, as if the -c option was specified to
   ssh-add(1). If this option is set to no, no keys are added
   to the agent. The argument must be yes, confirm,
   ask, or no. The default is no.

As a bonus, on a Mac you have the UseKeychain option (check it out in the man page on your Mac).
