Run SSH Agent w/Modified Options (MacOS Big Sur, No Homebrew, No SIP Modification)
The following will show you how you can modify the startup options of the SSH agent supplied by MacOS in a non-invasive way. This can be useful for doing things like setting a key lifetime, which can then be used with
AddKeysToAgent in your
~/.ssh/config to automate the timing out of saved keys. This ensures that your passphrase is re-asked for periodically without having to shutdown, re-log, or having it actually persisted in keychain, the latter being almost as bad as having no passphrase at all, given that simply being logged in is generally enough to then use the key.
This method does not modify the system-installed SSH agent service (
com.openssh.ssh-agent), but rather duplicates its functionality into a user-installed launch agent where we can then modify the options. Modifying the system-installed service is becoming increasingly harder to do; SIP generally protects