Save identities added by ssh-add so they persist
Solution 1
What is ssh-agent
for and how does it work?
The ssh-agent
keeps your decrypted keys securely in memory and in your session. There is no reasonable and safe way to preserve the decrypted keys among reboots/re-logins.
OK, how can I automate it?
Automate ssh-agent
startup
Add
[ -z "$SSH_AUTH_SOCK" ] && eval "$(ssh-agent -s)"
to your ~/.bashrc
or other startup script (~/.zshrc
).
Automate adding the keys
The keys can be automatically added upon the first usage, when you add
AddKeysToAgent yes
to your ~/.ssh/config
.
For more information on ~/.ssh/config
see man ssh_config
.
Solution 2
Add this to ~/.bashrc
This means ssh-agent will be started automatically when you open another session no your terminal
if [ -z "$SSH_AUTH_SOCK" ] ; then
eval `ssh-agent -s`
fi
if you need a key to be added to the agent also add this
if [ -z "$SSH_AUTH_SOCK" ] ; then
eval `ssh-agent -s`
ssh-add ~/.ssh/<your private ssh key>
fi
Related videos on Youtube
timotree
timotree I love computers, programming, open-source, GNU/Linux, alternative education, and explaining things.
Updated on September 18, 2022Comments
-
timotree over 1 year
I recently setup
openssh
so I could use it withgit
.In the process of setting it up (as per this article) I ran the commands:
$ eval "$(ssh-agent -s)" $ ssh-add ~/.ssh/<name of key>
Some time later, after I logged out and back in I tried to use
git push
I got an error. The solution to this error was running those same commands again.Please tell me how I can
- Keep the
ssh-agent
running so I don't have to start a new one - Remember the keys I've added so I don't have to add them everytime
Just to clarify, I use zsh so certain bash features won't work in my .zshrc.
-
Jakuje over 7 yearsYou should start with understanding what is
ssh-agent
for and how does it work before trying to suit it your twisted use case. -
Jakuje over 7 yearsWhat error you got?
-
timotree over 7 years@Jakuje The error was about a missing pubkey and asked "Have you started ssh-agent?".
- Keep the
-
timotree over 7 yearsSo you're saying if I enable AddKeysToAgent, then whenever I type
eval "$(ssh-agent -s)"
it will add my key? -
Jakuje over 7 yearsIf the agent is running and your
ssh
supports this option, then yes. -
timotree over 7 yearsCan you please clarify how I would automate starting the
ssh-agent
then? -
Jakuje over 7 yearsBasically, as explained in the other answer.
[ -z "$SSH_AUTH_SOCK" ] && eval $(ssh-agent)
-
timotree over 7 yearsDoes that work with zsh?
-
Jakuje over 7 yearsYes, but in that case, it is not
~/.bashrc
, but~/.zshrc
or similar file. -
timotree over 7 yearsLet us continue this discussion in chat.
-
timotree over 7 yearsThis was a good answer but doesn't explain what the command does.
-
mindplay.dk over 4 yearsOn Ubuntu 19.10, I ended up with two instances of
ssh-agent
, as it appears to come preinstalled (?) - you can check withps -e | grep 'ssh'
to see if it's running. I only needed to add the theAddKeysToAgent yes
setting to.ssh/config
to make added keys persist between reboots. -
huangbiubiu almost 4 yearsI suggest redirecting the output to
/dev/null
, otherwise thessh-agent
will print the pid when login, which might cause failing usingrsync
. See serverfault.com/a/328404/576442. You can use[ -z "$SSH_AUTH_SOCK" ] && eval "$(ssh-agent -s)" > /dev/null 2>&1
-
HalfWebDev about 2 yearsHow can we persist passphrase?