When we create a new SSH Key Pair, we add a passphrase to protect it from unauthorized access.
Whenever we want to use the key, we get asked for the passphrase:
$ ssh email@example.com -i ~/.ssh/id_rsa Enter passphrase for /home/jan/.ssh/id_rsa:
This can get cumbersome quickly, especially if the passphrase is longer (and stored in a password manager).
Therefore, we’re using
ssh-agent, which manages our keys and passphrases for us. Usually, it should start automatically. You can check if it’s up and running with this command:
$ ps aux | grep ssh-agent root 1220 0.0 0.0 11304 320 ? Ss 01:11 0:00 ssh-agent root 1355 0.0 0.1 14856 1028 pts/0 S+ 01:27 0:00 grep --color=auto ssh-agent
In the first line, we see the
ssh-agent process running. The second one comes from the
grep command we just ran to narrow down the output.
ssh-agent is not active yet, execute this command:
$ eval $(ssh-agent -s) Agent pid 1380
Now it’s up and running.
Adding an existing SSH Key to ssh-agent
Let’s add our key to
$ ssh-add ~/.ssh/id_rsa Enter passphrase for /home/jan/.ssh/id_rsa:
This adds my private key with the name
id_rsa to the agent (if your key is not named
id_rsa, please fill in your actual key name).
We can verify that this has worked with
$ ssh-add -L ssh-rsa AAAA.....
You will see a long piece of text starting with
ssh-rsa AAAA. Now, when we connect to our server, it’ll automatically talk to
ssh-agent for the private key and it won’t ask us for the password. Success!