Using the SSH Key Agent to Remember Passphrases

Use the SSH key agent so that you enter the passphrase for each SSH key only once per login session. This way, you avoid the poor security practice of creating SSH keys without passphrases.

  1. After you log in, check that the agent is started:

    ps -ef | grep -i ssh-agent

    If the agent is not started, start it by running the following command:

    eval $(ssh-agent -s)

  2. Run the ssh-add command to add any of the SSH keys to the agent. For example:

    ssh-add $HOME/.ssh/id_sshkey

    The command prompts you for the key passphrase. The passphrase applies for the rest of the login session. If you use the key to connect to another system, you are not prompted for the passphrase again.

    Note:

    The error message Could not open a connection to your authentication agent indicates that the agent might not be running.

  3. Repeat the command for each key that you want to add.

  4. After adding the keys to the agent, you can open SSH connections to any systems that have the paired public key configured in the authorized_keys file, without being prompted for a passphrase. This behavior also applies to any scripts that are run as the user.
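
The steps above as one script, added here as an example and not part of the original procedure. It tests whether this shell can actually reach an agent (the exit status of ssh-add -l) instead of only looking for an ssh-agent process, which is the condition behind the "Could not open a connection" error. The function names and the SSH_ADD override variable are assumptions made for this example.

```shell
# Added example, not from the original page. Function names and the SSH_ADD
# override (lets a stub stand in for ssh-add) are assumptions.

# Report how this shell sees the agent, based on the exit status of
# `ssh-add -l`: 0 = keys loaded, 1 = agent reachable but holds no keys,
# 2 = agent cannot be contacted (not running, or SSH_AUTH_SOCK unset/stale).
agent_state() {
    rc=0
    "${SSH_ADD:-ssh-add}" -l >/dev/null 2>&1 || rc=$?
    case $rc in
        0) echo loaded ;;
        1) echo empty ;;
        *) echo unreachable ;;
    esac
}

# Start a new agent only when this shell cannot reach one, so repeated
# use does not leave extra ssh-agent processes behind.
ensure_agent() {
    if [ "$(agent_state)" = unreachable ]; then
        eval "$(ssh-agent -s)" >/dev/null
    fi
}

# Add each private key given as an argument; ssh-add prompts once per key
# for its passphrase. Returns the number of keys that could not be added.
load_keys() {
    ensure_agent
    failed=0
    for key in "$@"; do
        if [ ! -r "$key" ]; then
            echo "skip: $key is missing or unreadable" >&2
            failed=$((failed + 1))
        elif ! "${SSH_ADD:-ssh-add}" "$key"; then
            failed=$((failed + 1))
        fi
    done
    return "$failed"
}
```

Source the file into the login shell (rather than executing it) so that the agent's environment variables persist, then call load_keys with the key paths, for example $HOME/.ssh/id_sshkey.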