Method 1: Add all known keys to the SSH agent.
So one solution I found is to run ssh-add with the -A option—which adds all known identities to the SSH agent using any passphrases stored in your keychain—like this:
Now this works, but it won't persist across reboots. So if you want to never worry about this again, just open up your user's ~/.bash_profile file like this:
And add this line to the bottom:
ssh-add -A 2>/dev/null;
Now when you open a new Terminal window, all should be well!
Method 2: Add only SSH keys that are in the keychain to the agent.
So while the ssh-add -A option should work for most basic cases, I ran into an issue recently where I had 6-7 Vagrant boxes (which use SSH keys/identities for access) set up on a machine on top of the more common id_rsa.pub in place.
Long story short, I ended up being locked out of a remote server due to too many failed tries based on SSH keys/identities since the server access was based on a password and SSH keys/identities are SSH keys/identities. So the SSH agent tried all of my SSH keys, failed and I couldn't even get to the password prompt.
The problem is that ssh-add -A will just blindly add every single SSH key/identity you have to the agent even if it's not necessary to do so; such as in the case of Vagrant boxes.
My solution after much testing was as follows.
First, if you have more SSH keys/identities added to your agent than you need—as shown with ssh-add -l—then purge them all from the agent like so:
With that done, then start the SSH agent as a background process like so:
eval "$(ssh-agent -s)"
Now, it gets weird and I am not too sure why. In some cases you can specifically add the ~/.ssh/id_rsa key/identity to the agent like so:
Type in your passphrase, hit Return and you should be good to go.
But in other cases just running this is enough to get the key/identity added:
If that's all worked, type in ssh-add -l and you should see one lone SSH key/identity listed.
All good? Now open up your
And add this line to the bottom; comment out or remove the -A version if you have that in place:
ssh-add -K 2>/dev/null;
That will allow the SSH key/identity to be reloaded to the SSH agent on each startup/reboot.
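The lockout described in Method 2 can be checked for before connecting. The following is an added example, not part of the original write-up: it counts the identities listed by ssh-add -l and compares the count to a failed-attempt limit, assuming the server uses sshd's default MaxAuthTries of 6. The function names and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag an ssh-agent that holds enough keys to exhaust a
# server's failed-attempt limit before the password prompt is reached.

# count_agent_keys: read `ssh-add -l` output on stdin, print the key count.
# Key lines look like "<bits> <fingerprint> <comment> (<TYPE>)"; the
# "The agent has no identities." message and blank lines count as zero.
count_agent_keys() {
    awk '$1 ~ /^[0-9]+$/ && $2 ~ /^(SHA256:|MD5:|[0-9a-f][0-9a-f]:)/ { n++ }
         END { print n + 0 }'
}

# check_agent_keys [LIMIT]: return 0 if the key count on stdin is below
# LIMIT, 1 otherwise. Every key the agent offers is one failed attempt.
check_agent_keys() {
    limit=${1:-6}   # assumption: sshd default MaxAuthTries
    count=$(count_agent_keys)
    if [ "$count" -ge "$limit" ]; then
        echo "WARN: $count keys in agent, limit $limit: password prompt may never appear"
        return 1
    fi
    echo "OK: $count keys in agent (limit $limit)"
    return 0
}

# Constructed sample of `ssh-add -l` output: id_rsa plus six Vagrant keys.
# Paths and fingerprints are placeholders, not real values.
sample_agent_listing() {
    cat <<'EOF'
2048 SHA256:EXAMPLEFINGERPRINT0 /Users/me/.ssh/id_rsa (RSA)
2048 SHA256:EXAMPLEFINGERPRINT1 /Users/me/vagrant/box1/private_key (RSA)
2048 SHA256:EXAMPLEFINGERPRINT2 /Users/me/vagrant/box2/private_key (RSA)
2048 SHA256:EXAMPLEFINGERPRINT3 /Users/me/vagrant/box3/private_key (RSA)
2048 SHA256:EXAMPLEFINGERPRINT4 /Users/me/vagrant/box4/private_key (RSA)
2048 SHA256:EXAMPLEFINGERPRINT5 /Users/me/vagrant/box5/private_key (RSA)
2048 SHA256:EXAMPLEFINGERPRINT6 /Users/me/vagrant/box6/private_key (RSA)
EOF
}

# Demo on the constructed sample; against a live agent use:
#   ssh-add -l | check_agent_keys 6
sample_agent_listing | check_agent_keys 6 || true
```
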
UPDATE: Apple has now added a UseKeychain option to the OpenSSH config options and considers ssh-add -A a solution as well.
As of macOS Sierra 10.12.2, Apple has added a UseKeychain config option for SSH configs. Checking the man page (via man ssh_config) shows the following information:
UseKeychain On macOS, specifies whether the system should search for passphrases in the user's keychain when attempting to use a particular key. When the passphrase is provided by the user, this option also specifies whether the passphrase should be stored into the keychain once it has been verified to be correct. The argument must be ``yes'' or ``no''. The default is ``no''.
Which boils down to Apple seeing the solution as either adding ssh-add -A to your .bash_profile as explained in this Open Radar ticket or adding UseKeychain as one of the options in a per user