[PLUG] Using ssh-agent and ssh-add

Steve Dum dr.doom at frontier.com
Thu Mar 30 22:48:38 UTC 2017


If you are using GNOME or KDE they both have mechanisms to add a ssh 
agent when you log in. They maintain a locked cache of your ssh keys. 
The first time you open a ssh session, a popup will ask for your passwd 
to the cache, and then for the duration of your login session the agent 
has your keys.

If you're using neither of these window management systems, there is a 
tool called Keychain, that provides the same sort of service.  You 
invoke keychain in your .login (or other appropriate startup script) 
with a mode setting and list of public keys, and it takes care of the rest.

The gnome and kde solutions are designed to terminate the agent when you 
log off.  I believe in gnome, it is actually the first process in the 
login chain.  With keychain you can set it up to terminate on logoff, or 
to remain running, and the next login (assuming no reboot in between) 
will find the agent previously set up, and use it.  It used to be 
distributed off an IBM website, but I see it's now at
http://www.funtoo.org/Keychain
There is also a 3 part article on setting up ssh on the website.

All three of these solutions (and your adding ssh-agent and ssh-add to 
your .bash_login script) have the same effect. When you log in you get 
prompted once for a passwd. The first three delay the prompt until you 
actually try to use ssh.

steve

Rich Shepard wrote:
>     My laptops are not always on. When I do fire up one and want to exchange
> files with the desktop each transaction requires my typing my passphrase.
> Can I add ssh-agent and ssh-add to ~/.bash_profile so I need type the
> passphrase only once after booting a host?
>
> Rich
>
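
The ~/.bash_profile setup asked about in the quoted question, with the reuse-across-logins behaviour described above for keychain, as an added shell example that is not part of the original thread. The cache file name `AGENT_ENV` and the function names are assumptions made for this example.

```shell
# Added example for ~/.bash_profile; not from the original thread.
# AGENT_ENV is a cache file name assumed for this example.
AGENT_ENV="${AGENT_ENV:-$HOME/.ssh/agent.env}"

# ssh-add -l exits 0 (keys loaded), 1 (agent reachable, no keys),
# 2 (no agent reachable). Print that status.
agent_state() {
    if ssh-add -l >/dev/null 2>&1; then echo 0; else echo $?; fi
}

# Start a fresh agent and cache its variables, readable by the owner only.
agent_start() {
    ( umask 077
      rm -f "$AGENT_ENV"
      ssh-agent -s | grep -v '^echo' > "$AGENT_ENV" )
    . "$AGENT_ENV"
}

# Attach to an agent left by an earlier login, or start one.
# Prints "reused" or "started".
agent_attach() {
    if [ "$(agent_state)" = 2 ] && [ -r "$AGENT_ENV" ]; then
        . "$AGENT_ENV"
    fi
    if [ "$(agent_state)" = 2 ]; then
        agent_start
        echo started
    else
        echo reused
    fi
}

# Interactive logins only: ssh-add needs a terminal for the prompt.
case $- in
    *i*)
        agent_attach >/dev/null
        if [ "$(agent_state)" = 1 ]; then ssh-add; fi
        ;;
esac
```

With this snippet the agent, and the unlocked keys it holds, stays running after logout until the host reboots. Putting `ssh-agent -k` in ~/.bash_logout gives the terminate-on-logoff behaviour instead.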