I have a private key protected with a password to access a server via SSH.
I have 2 linux (ubuntu 10.04) machines and the behavior of ssh-add command is different in both of them.
In one machine, once I use "ssh-add .ssh/identity" and entered my password, the key was added permanently, i.e., every time I shutdown the computer and login again, the key is already added.
In the other one, I have to add the key every time I login.
As far as I remember, I did the same thing on both. The only difference is that the key was created on the one that is added permanently.
Does anyone know how to add it permanently to the other machine as well?
Adding the following lines in "~/.bashrc" solved the issue for me. I'm using Ubuntu 14.04 desktop.
eval `gnome-keyring-daemon --start`
USERNAME="reynold"
export SSH_AUTH_SOCK="$(ls /run/user/$(id -u $USERNAME)/keyring*/ssh|head -1)"
export SSH_AGENT_PID="$(pgrep gnome-keyring)"
This worked for me.
ssh-agent /bin/sh
ssh-add /path/to/your/key
In my case the solution was:
Permissions on the config file should be 600.
chmod 600 config
As mentioned in the comments above by generalopinion
No need to touch the config file contents.
I had the same issue on Ubuntu 16.04: some keys were added permanently, for others I had to execute ssh-add on every session. I found out that the keys which were added permanently had both private and public key located in ~/.ssh and the keys which were forgotten on every session had only private keys in ~/.ssh dir. So solution is simple: you should copy both private and public key to ~/.ssh before executing ssh-add.
P.S.: As far as I understand from Gnome wiki my method works thanks to gnome-keyring tool which is part of the Gnome Desktop Environment. Therefore my method should probably work only if you use Gnome or Gnome-based DE.
I solved that problem on Mac OSX (10.10) by using -K option for ssh-add:
ssh-add -K ~/.ssh/your_private_key
For macOS 10.12 and later you need to additionally edit your ssh config as described here: https://github.com/jirsbek/SSH-keys-in-macOS-Sierra-keychain
I tried @Aaron's solution and it didn't quite work for me, because it would re-add my keys every time I opened a new tab in my terminal. So I modified it a bit(note that most of my keys are also password-protected so I can't just send the output to /dev/null):
added_keys=`ssh-add -l`
if [ ! $(echo $added_keys | grep -o -e my_key) ]; then
ssh-add "$HOME/.ssh/my_key"
fi
What this does is that it checks the output of ssh-add -l(which lists all keys that have been added) for a specific key and if it doesn't find it, then it adds it with ssh-add.
Now the first time I open my terminal I'm asked for the passwords for my private keys and I'm not asked again until I reboot(or logout - I haven't checked) my computer.
Since I have a bunch of keys I store the output of ssh-add -l in a variable to improve performance(at least I guess it improves performance :) )
PS: I'm on linux and this code went to my ~/.bashrc file - if you are on Mac OS X, then I assume you should add it to .zshrc or .profile
EDIT:
As pointed out by @Aaron in the comments, the .zshrc file is used from the zsh shell - so if you're not using that(if you're not sure, then most likely, you're using bash instead), this code should go to your .bashrc file.
This didn't answer the same issue for me under Mac OS X Lion. I ended up adding:
ssh-add ~/.ssh/id_rsa &>/dev/null
To my .zshrc (but .profile would be fine too), which seems to have fixed it.
(As suggested here: http://geek.michaelgrace.org/2011/09/permanently-add-ssh-key-ssh-add/ )
On Ubuntu 14.04 (maybe earlier, maybe still) you don't even need the console:
seahorse or launch that thing you find searching for "key"ssh will pickup the identity (i.e. key) through the agentssh with -A or make that the default
Just add the keychain, as referenced in Ubuntu Quick Tips https://help.ubuntu.com/community/QuickTips
What
Instead of constantly starting up ssh-agent and ssh-add, it is possible to use keychain to manage your ssh keys. To install keychain, you can just click here, or use Synaptic to do the job or apt-get from the command line.
Command line
Another way to install the file is to open the terminal (Application->Accessories->Terminal) and type:
sudo apt-get install keychain
Edit File
You then should add the following lines to your ${HOME}/.bashrc or /etc/bash.bashrc:
keychain id_rsa id_dsa
. ~/.keychain/`uname -n`-sh
I run Ubuntu using two id_rsa key's. (one personal one for work). ssh-add would remember one key (personal one) and forget the company one every time.
Checking out the difference between the two I saw my personal key had 400 rights while the company one had 600 rights. (had u+w). Removing the user write right from the company key (u-w or set to 400) fixed my problem. ssh-add now remembers both keys.
For those that use Fish shell you can use the following function then call it in ~/.config/fish/config.fish or in a separate configuration file in ~/.config/fish/conf.d/loadsshkeys.fish. It will load all keys that start with id_rsa into the ssh-agent.
# Load all ssh keys that start with "id_rsa"
function loadsshkeys
set added_keys (ssh-add -l)
for key in (find ~/.ssh/ -not -name "*.pub" -a -iname "id_rsa*")
if test ! (echo $added_keys | grep -o -e $key)
ssh-add "$key"
end
end
end
# Call the function to run it.
loadsshkeys
If you want to have the ssh-agent auto started when you open a terminal you can use tuvistavie/fish-ssh-agent to do this.
very simple ^_^ two steps
1.yum install keychain
2.add code below to .bash_profile
/usr/bin/keychain $HOME/.ssh/id_dsa
source $HOME/.keychain/$HOSTNAME-sh
Source: Stackoverflow.com