Remember passphrases with ssh-agent — First published in fullweb.io issue #31

how-to-ssh-agent.md

How to use ssh-agent to cache your SSH credentials?

Contributed by Fabien Loudet, Linux SysAdmin at Rosetta Stone

Tired of always having to enter your SSH key passphrase when logging in to remote machines? Here comes ssh-agent. Enter the passphrase once and it will keep it in memory for you

Using ssh-agent in your shell session:

$ ssh-agent 
SSH_AUTH_SOCK=/tmp/ssh-hZQhwQlxahPX/agent.1833; export SSH_AUTH_SOCK; 
SSH_AGENT_PID=1834; export SSH_AGENT_PID; 
echo Agent pid 496; 

Copy/paste the 2 first lines from above:

$ SSH_AUTH_SOCK=/tmp/ssh-hZQhwQlxahPX/agent.1833; export SSH_AUTH_SOCK; 
$ SSH_AGENT_PID=1834; export SSH_AGENT_PID; 

Register your key and enter your password for the last time of this session:

$ ssh-add .ssh/id_rsa 
Enter passphrase for .ssh/id_rsa: 
Identity added: .ssh/id_rsa (.ssh/id_rsa)

And now SSH auth will not ask you for the passphrase anymore

BONUS: list your keys with:

$ ssh-add -l

This is a pure shell issue and not an ssh subsystem issue.

Meh. I just did this instead. I still have to unlock it once after rebooting and opening the terminal, but it's still less of a headache than it was.

sudo nala install keychain (apt instead of nala for thoses who haven't migrated yet)

Added to ~/.bashrc:

if [[ `uname` == Linux ]] then
    /usr/bin/keychain $HOME/.ssh/id_rsa
    source $HOME/.keychain/$HOSTNAME-sh
fi

Added to ~/.ssh/config

Host *
    IgnoreUnknown UseKeychain
    UseKeychain yes
    AddKeysToAgent yes
    IdentityFile ~/.ssh/id_rsa

At least it works so there's that. sigh