Questions tagged [keychain]

Keychain is a manager for ssh-agent.

Keychain is a manager for ssh-agent. It allows your shells and cron jobs to share a single ssh-agent process. By default, the ssh-agent started by keychain is long-running and will continue to run, even after you have logged out from the system.

When keychain is run, it checks for a running ssh-agent, otherwise it starts one. It saves the ssh-agent environment variables so that subsequent logins and non-interactive shells such as cron jobs can source the file and make passwordless ssh connections. In addition, when keychain runs, it verifies that the key files specified on the command-line are known to ssh-agent, otherwise it loads them, prompting you for a password if necessary.

Keychain also supports gpg-agent in the same ways that ssh-agent is supported.

keychain supports most UNIX-like operating systems, including Cygwin. It works with Bourne-compatible, csh-compatible and fish shells.

Keychain is free software. You can find the source here.

17 questions

votes

5 answers

Firefox does not load certificate chain

I'm running lighttpd/1.4.28 (ssl) on Debian Squeeze. I just created a http://startssl.com certificate, I runs fine at all of my Browsers (Firefox, Chrome, Opera), but my users are reporting certificate-errors in Firefox. I already nailed it down to…

asked Jan 03 '12 at 21:16

TimWolla

votes

2 answers

How to connect to a VPN with a certificate using the shipped VPN client within Mac OS X 10.6.6?

I'm trying to set up a VPN on a Mac OS X to connect to OpenVPN server. I've been provided the following files: client.key client.crt ta.key ca.crt I added to the Keychain System client.crt & ca.crt, it worked, but when I try to use a certificate…

mac-osx vpn certificate keychain

asked Apr 04 '11 at 13:50

John

votes

1 answer

is it possible to use KeyChain / ssh-agent with apache?

There are a lots a question (and duplicates) on serverfault asking how restart Apache without the passphrase prompt. Two solutions are proposed : removing the password from the key the apache directive that supply the key to Apache…

apache-2.2 mod-ssl keychain

asked Nov 08 '12 at 19:03

snowflake

votes

3 answers

Mac OSX Server: svn via ssh command line and encrypted passwords

When I log into our mac mini server running OSX 10.6 via ssh and use svn I get the message: ATTENTION! Your password for authentication realm: can only be stored to disk unencrypted! You are advised to configure your system so that Subversion…

mac-osx svn password encryption keychain

asked Mar 12 '10 at 13:04

Ben Clayton

votes

2 answers

Should a server or a client be able to verify a client/server certificate - intermediate certificate chain with a known root ca?

I am trying to test the following setup: A RADIUS server works with the EAP-TLS protocol. The client and the server have the following certificates: Client Public Key: clientcert_intermediatecert_chain.pem CA-certificate: rootcert.pem Server Public…

ssl authentication radius freeradius keychain

asked Jul 07 '17 at 10:06

Jannis Kappertz

votes

0 answers

Install keychain on Amazon Linux AMI?

I have a github account that I would like to push to on a regular basis from an Amazon ec2 instance. In order to connect to the github account I have an SSH key that's passphrase protected, so in order to push to or pull from github I have to enter…

amazon-ec2 repository ssh-agent keychain

asked Jul 17 '15 at 15:57

Zero Wing

votes

2 answers

Why does Keychain compain that id_rsa.pub is missing?

I'm reading this article on setting up unattended backups in Duplicity. I'm in the part called 7.2. SSH KeyCaching I've added the following to my root .bash_profile keychain --clear id_rsa . /root/.keychain/www-sh The article states that keychain…

rsa duplicity keychain

asked Nov 24 '11 at 07:50

leeand00

4,807
13
64
106

vote

1 answer

Root certificate authority works windows/linux but not mac osx - (malformed)

I have created a self-signed root certificate authority which if I install onto windows, linux, or even using the certificate store in firefox (windows/linux/macosx) will work perfectly with my terminating proxy. I have installed it into the system…

proxy ssl-certificate mac certificate-authority keychain

asked May 22 '14 at 18:24

AKwhat

vote

0 answers

Won't keychain --clear in .bash_profile interfere with cron jobs?

Keychain tutorials recommend adding /usr/bin/keychain --clear to ~/.bash_profile to only allow cron jobs to use passwordless login. I'm not sure I understand how this works. If I take it right, the option will clear the ssh-agent's cache when a…

security cron keychain

asked Feb 04 '14 at 10:46

Mike

vote

0 answers

Ubuntu 12.04.1 Server Keychain Not Prompting Password

I am running an Ubuntu web server and have setup RSA public/private keys so that I can backup over to my windows server securely. I have tested backing up my system over SFTP and it works fine. I have recently scripted the backup process but I am…

ubuntu keychain

asked Jan 13 '13 at 06:03

user153199

vote

1 answer

Capistrano suddenly stops using public key

I'm trying Capistrano to deploy to a VPS where I have public key access to my user foo. For deployment, I created another user deploy, set up my key into it's authorized_keys, configured capistrano to use this user and did a succesful cap…

ssh vps capistrano keychain

asked Jan 01 '13 at 20:48

Mauricio Pasquier Juan

vote

2 answers

Be able to pull from git without password on login or just run keychain which does it for me

I need to pull from Github all the time and I have a passphrase, but it's a pain, so I typically run... ssh-agent bash ssh-add ~/.ssh/id_rsa git pull ... And that works for the session, but even after I logout, I would…

ssh bash git ssh-agent keychain

asked May 16 '12 at 20:14

TheFrack

votes

1 answer

What does the FreeRADIUS error "SSL says error 25 : path length constraint exceeded" mean?

I am testing the WLAN functionalities of a device connecting to a RADIUS server. This RADIUS server is located on a Raspberry Pi with Raspbian Stretch and is using FreeRADIUS 3.0 and Hostapd. Some of the EAP-TLS test cases check what happens if long…

ssl openssl certificate freeradius keychain

asked Sep 18 '17 at 13:52

Jannis Kappertz

votes

2 answers

How to get CSR Value from KeyChain Access

So...probably a dumb question but I followed the instructions here And I'm trying to upload my CSR to digicert where the format is suppose to look like this -----BEGIN CERTIFICATE…

certificate keychain

asked Aug 04 '15 at 20:16

poopit

votes

2 answers

Automate git-pull, stuck with keychain

I'd like to create a cronjob to automatically run a git-pull every minute. The problem is that my repo is private, I had to create keys on my system (Ubuntu Server 12.04). I installed keychain and ssh-agent now prevents the system from asking me the…

git shell unix command-line-interface keychain

asked Apr 05 '13 at 21:15

MultiformeIngegno

1,627
9
24
31

2 Next