Save identities added by ssh-add so they persist

15

5

I recently set up openssh so I could use it with git.

In the process of setting it up (as per this article) I ran the commands:

$ eval "$(ssh-agent -s)"
$ ssh-add ~/.ssh/<name of key>

Some time later, after I logged out and back in, I tried to use git push and got an error. The solution to this error was running those same commands again.

Please tell me how I can

  • Keep the ssh-agent running so I don't have to start a new one
  • Remember the keys I've added so I don't have to add them every time

Just to clarify, I use zsh so certain bash features won't work in my .zshrc.

timotree

Posted 2016-12-04T17:18:33.137

Reputation: 742

You should start with understanding what ssh-agent is for and how it works before trying to suit it to your twisted use case. – Jakuje – 2016-12-04T18:55:54.463

What error did you get? – Jakuje – 2016-12-04T19:05:57.173

@Jakuje The error was about a missing pubkey and asked "Have you started ssh-agent?". – timotree – 2016-12-04T19:28:25.167

Answers

17

What is ssh-agent for and how does it work?

The ssh-agent keeps your decrypted keys securely in memory and in your session. There is no reasonable and safe way to preserve the decrypted keys across reboots/re-logins.

OK, how can I automate it?

Automate ssh-agent startup

Add

[ -z "$SSH_AUTH_SOCK" ] && eval "$(ssh-agent -s)"

to your ~/.bashrc or other startup script (~/.zshrc).

Automate adding the keys

The keys can be automatically added upon the first usage, when you add

AddKeysToAgent yes

to your ~/.ssh/config.

For more information on ~/.ssh/config see man ssh_config.

Jakuje

Posted 2016-12-04T17:18:33.137

Reputation: 7 981

So you're saying if I enable AddKeysToAgent, then whenever I type eval "$(ssh-agent -s)" it will add my key? – timotree – 2016-12-04T19:27:37.170

If the agent is running and your ssh supports this option, then yes. – Jakuje – 2016-12-04T19:28:17.807

Can you please clarify how I would automate starting the ssh-agent then? – timotree – 2016-12-04T19:30:20.180

Basically, as explained in the other answer. [ -z "$SSH_AUTH_SOCK" ] && eval $(ssh-agent) – Jakuje – 2016-12-04T19:31:41.583

Does that work with zsh? – timotree – 2016-12-04T19:32:29.147

Yes, but in that case, it is not ~/.bashrc, but ~/.zshrc or similar file. – Jakuje – 2016-12-04T19:33:20.870

Let us continue this discussion in chat. – timotree – 2016-12-04T19:51:08.870

On Ubuntu 19.10, I ended up with two instances of ssh-agent, as it appears to come preinstalled (?) - you can check with ps -e | grep 'ssh' to see if it's running. I only needed to add the AddKeysToAgent yes setting to .ssh/config to make added keys persist between reboots. – mindplay.dk – 2020-02-07T13:46:40.213

3

Add this to ~/.bashrc

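# Start an agent only if this session does not already have one
if [ -z "$SSH_AUTH_SOCK" ] ; then
  eval "$(ssh-agent -s)"  # sets SSH_AUTH_SOCK and SSH_AGENT_PID in this shell
  ssh-add                 # adds the default identities, asking for passphrases
fi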

Savitoj Singh

Posted 2016-12-04T17:18:33.137

Reputation: 91

This was a good answer but doesn't explain what the command does. – timotree – 2016-12-04T21:48:02.287
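
Added example, not part of either answer above: both startup snippets launch a new agent whenever SSH_AUTH_SOCK is unset, which is one way to end up with several agents running. This sketch for ~/.zshrc or ~/.bashrc reuses a single agent by saving its variables to a file and checking that the agent still answers; the path ~/.ssh/agent.env and the function names agent_alive and ensure_agent are assumptions of this example.

```shell
# Added example: reuse one ssh-agent across shells instead of starting
# a new one per login. AGENT_ENV is a path chosen for this example.
AGENT_ENV="${AGENT_ENV:-$HOME/.ssh/agent.env}"

# "ssh-add -l" exits 0 (keys loaded) or 1 (agent reachable, no keys yet).
# Exit status 2 means no agent could be contacted on SSH_AUTH_SOCK.
agent_alive() {
    [ -n "$SSH_AUTH_SOCK" ] || return 1
    _rc=0
    ssh-add -l >/dev/null 2>&1 || _rc=$?
    [ "$_rc" -eq 0 ] || [ "$_rc" -eq 1 ]
}

ensure_agent() {
    # 1. This shell already points at a live agent: nothing to do.
    agent_alive && return 0

    # 2. An earlier shell saved the variables of an agent that may still run.
    if [ -r "$AGENT_ENV" ]; then
        . "$AGENT_ENV" >/dev/null
        agent_alive && return 0
    fi

    # 3. No usable agent: start one and save its variables. umask 077 makes
    #    a newly created file readable by its owner only, since every later
    #    shell will source it.
    (umask 077; ssh-agent -s > "$AGENT_ENV") || return 1
    . "$AGENT_ENV" >/dev/null
    agent_alive
}

# Run only in interactive shells (bash and zsh both put "i" in $-).
case $- in
    *i*) ensure_agent ;;
esac
```

The keys themselves are still unlocked once per agent lifetime; with AddKeysToAgent yes in ~/.ssh/config that happens on first use.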