How to avoid typing ssh-add everytime

Question

I read and followed some online documentation on how to set up a ssh-agent so that I don't need to type in password every time I ssh to a remote machine.

However, with the help of ssh-agent, I still need to do ssh-add every time I restart the shell. The ssh-add then asks me to enter the passphrase to unlock the private key.

Enter passphrase for key '/home/xx/.ssh/id_rsa':

Instead of typing in my password for the remote machine, I am asked to type in the password for the private key. It's like stepping out of a purgatory and found myself in a hell afterwards. It looks like the id_rsa is only temporarily added to the ssh-agent in a session, because every time I log in and type ssh-add -l. I get:

The agent has no identities.

May I ask how permanently store the key (id_rsa) in ssh-agent? Thanks

EDIT: this is what I did with ssh-agent. I appended the following block into ~/.bash_profile

SSHAGENT=/usr/bin/ssh-agent                                                                                        
SSHAGENTARGS="-s"
if [ -z "$SSH_AUTH_SOCK" -a -x "SSHAGENT" ]; then
  eval `$SSHAGENT $SSHAGENTARGS`
  trap "kill $SSH_AGENT_PID" 0
fi

score 8 · Answer 1 · answered Feb 20 '14 at 05:58

I have installed keychain.

sudo apt-get install keychain

If you're running bash you need to add a few commands to your .bash_profile If you do not have a .bash_profile create one in your home folder. Add these lines:

### START-Keychain ###
# Let  re-use ssh-agent and/or gpg-agent between logins
/usr/bin/keychain $HOME/.ssh/id_dsa
source $HOME/.keychain/$HOSTNAME-sh
### End-Keychain ###

At the start of a work day I will login. When I open a terminal, I will be prompted once for my passphrase. For all other new terminals and connections I will not be asked for my passphrase again.

score 1 · Answer 2 · answered Dec 28 '13 at 21:49

What you are looking for is less secure , but it can be accomplished using public key authentication without the need for ssh-agent. A more secure option is to use public key authentication with a passphrase while turning off password authentication on the ssh server, but this isn't what you asked for. See the link at the bottom of this answer for instructions if you decide to do this instead.

To use ssh without being asked for any passphrase, you need to generate your keypair while leaving the passphrase field blank.

To check if you have already generated a keypair, check for the files id_rsa and id_rsa.pub in your ~/.ssh directory. If they are already there, you can delete them or move them to create a new keypair.

Note, if you delete them you will lose access to any ssh servers you are using then old keys to authenticate to if password authentication is turned off on the server.

To create a new keypair, run the following command:

ssh-keygen -t rsa

Accept the default location for the keys and leave the passphrase blank.

To give your public key to the ssh server you want to connect to, use the following command:

ssh-copy-id -i ~/.ssh/id_rsa.pub username@remotehost

After completing these steps, you will be able to log in to the remote server without a password from the computer you are using.

Reference: http://tombuntu.com/index.php/2008/02/20/public-key-authentication-for-ssh-made-easy/

Alexey · Answer 3 · 2018-05-10T13:08:14.747

0

Some time ago, i suddenly started being asked for a passphrase to unlock my ssh key when doing git push. It turned out that to stop being asked for a passphrase it was enough to add SSH Key Agent (GNOME Keyring: SSH Agent) to Startup Applications (in my case -- just to check the checkbox):

edited May 10 '18 at 13:08

answered May 09 '18 at 10:21

Alexey

793

How to avoid typing ssh-add everytime

3 Answers3