How to avoid typing ssh-add everytime
Solution 1
I have installed keychain.
sudo apt-get install keychain
If you're running bash you need to add a few commands to your .bash_profile If you do not have a .bash_profile create one in your home folder. Add these lines:
### START-Keychain ###
# Let re-use ssh-agent and/or gpg-agent between logins
/usr/bin/keychain $HOME/.ssh/id_dsa
source $HOME/.keychain/$HOSTNAME-sh
### End-Keychain ###
At the start of a work day I will login. When I open a terminal, I will be prompted once for my passphrase. For all other new terminals and connections I will not be asked for my passphrase again.
Solution 2
What you are looking for is less secure , but it can be accomplished using public key authentication without the need for ssh-agent. A more secure option is to use public key authentication with a passphrase while turning off password authentication on the ssh server, but this isn't what you asked for. See the link at the bottom of this answer for instructions if you decide to do this instead.
To use ssh without being asked for any passphrase, you need to generate your keypair while leaving the passphrase field blank.
To check if you have already generated a keypair, check for the files id_rsa and id_rsa.pub in your ~/.ssh directory. If they are already there, you can delete them or move them to create a new keypair.
Note, if you delete them you will lose access to any ssh servers you are using then old keys to authenticate to if password authentication is turned off on the server.
To create a new keypair, run the following command:
ssh-keygen -t rsa
Accept the default location for the keys and leave the passphrase blank.
To give your public key to the ssh server you want to connect to, use the following command:
ssh-copy-id -i ~/.ssh/id_rsa.pub username@remotehost
After completing these steps, you will be able to log in to the remote server without a password from the computer you are using.
Reference: http://tombuntu.com/index.php/2008/02/20/public-key-authentication-for-ssh-made-easy/
Related videos on Youtube
ssgao
Updated on September 18, 2022Comments
-
ssgao over 1 year
I read and followed some online documentation on how to set up a ssh-agent so that I don't need to type in password every time I ssh to a remote machine.
However, with the help of ssh-agent, I still need to do
ssh-add
every time I restart the shell. Thessh-add
then asks me to enter the passphrase to unlock the private key.Enter passphrase for key '/home/xx/.ssh/id_rsa':
Instead of typing in my password for the remote machine, I am asked to type in the password for the private key. It's like stepping out of a purgatory and found myself in a hell afterwards. It looks like the id_rsa is only temporarily added to the ssh-agent in a session, because every time I log in and type
ssh-add -l
. I get:The agent has no identities.
May I ask how permanently store the key (id_rsa) in ssh-agent? Thanks
EDIT: this is what I did with
ssh-agent
. I appended the following block into~/.bash_profile
SSHAGENT=/usr/bin/ssh-agent SSHAGENTARGS="-s" if [ -z "$SSH_AUTH_SOCK" -a -x "SSHAGENT" ]; then eval `$SSHAGENT $SSHAGENTARGS` trap "kill $SSH_AGENT_PID" 0 fi
-
Admin over 10 yearsDo you mean that you have to type your passphrase each time you log in, or each time you open a shell window? You say you've followed some online documentation, but ssh-agent works out of the box on Ubuntu, so you shouldn't have had anything to do. What did you do exactly?
-
Admin over 10 yearsI have to type in passphrase every time I ssh into the remote machine. BUT it is not the passphrase to access the remote machine, it is the passphrase to unlock my private key (id_rsa).
-
Admin over 10 yearsI know that it's your key's passphrase. What I'm asking is what you did to set up ssh-agent, and whether running
ssh-add
has an effect that lasts longer than the shell window that you typed it in. -
Admin over 10 yearsThe effect lasts until I log out of the system (local). I put what I did with
ssh-agent
in the post. -
Admin over 10 yearsThis sounds like normal behavior: you need to type your passphrase once per session to unlock the key. If the unlocked key was stored somewhere, this would defeat the purpose of having a passphrase on the key — anyone obtaining the stored unlocked key could use it. Were you expecting something else? Do you want the key to be stored in memory after you log out so that it's available until the next reboot?
-
-
ssgao over 10 yearshow is this different from typing
ssh-add
in the terminal? -
abhishek almost 8 yearsya but then u will have to type ssh-add everytime... doing this will cut out your 2 steps --> eval "$(ssh-agent)" and ssh-add
-
Byte Commander about 6 yearsCould you please expand your answer with more detail on how to do that and why it would solve the problem in question? Thanks.