How to automatically unlock private SSH key?
Solution 1
I may be mistaken here, but it sounds like what you're trying to do is to not need to unlock your key every time it is used?
If that's the case, it seems like the easiest solution would be to just not create a passphrase while creating the key. i.e. run
ssh-keygen
and when it asks for a passphrase, just press enter twice. I apologize if this is too simplistic, but it's what I've always done when creating keys so I don't need to unlock them. Hope it helps!
Solution 2
For reusage of encrypted key use ssh-agent
. It prints some output containing environment variables that you have to export. Then add keys with ssh-add
.
You have to unlock your key only once until ssh-agent is running.
Related videos on Youtube
Nathan Osman
Email: [email protected] I am both an Ubuntu user and Ubuntu member. By profession, I am a software developer and I work with C++, Python, and (more recently) Go. I enjoy tinkering with different things like motion tracking in Blender, creating an Android app for time-lapse photography, or writing Linux kernel modules. - 2buntu - community blog that I sometimes contribute to - NitroShare - a cross-platform network file transfer utility - REST Easy - Firefox add-on for analyzing HTTP responses
Updated on September 18, 2022Comments
-
Nathan Osman over 1 year
I have generated an RSA public / private key pair using
ssh-keygen
. However, I am prompted to enter the password to unlock it the first time it is used each session. How can I automatically have it unlocked after login?Even better: since this is running on an Ubuntu server, it would be great if it was never locked at all - that way the automated daemons that need it would not require manual intervention to use it.
-
Admin over 12 yearsPossible duplicate: askubuntu.com/questions/36255/…
-
Admin over 12 years@root45: How is that a duplicate? It doesn't seem to be the same question at all.
-
Admin over 12 yearsYou're both being asked to unlock your key file each time you SSH into a server. Sorry, they seemed to be very similar or the same to me, but maybe I'm misunderstanding one or the other or both.
-
-
Paradiesstaub over 12 yearsThat is not that kind of thing that improves security. A user could just copy the private key and access the other computer(s) easily.
-
greydet over 10 yearsI agree with Paradiesstaub, this accepted answer present security vulnerabilities!
-
jat255 over 10 yearsThat's certainly true, but hopefully there is some sort of encryption on the disk or at least on /home/user. If not, I agree that it's a pretty significant vulnerability, but that's typically the tradeoff for convenience, no?