The ssh-agent
is caching your keys’ in memory once these areunlocked and you will not be asked to provide the passphrase to unlockthese keys every time they are used.
Starting the agent
Depending on your operating system, there are multiple ways to startthe agent, e.g. to start it manually in a bash-like shell, simply run
This command will start the agent and set-up the necessary environmentvariables. Please note that starting a new agent will make an alreadyexisting agent not directly accessibly anymore while NOTterminating it. Thus, please test via ssh-add -l
if an agent iscurrently running (see below).
If you want your agent to be started automatically when logging in,please refer to the web, e.g. this question onstackoverflow.comfor more information.
Typically, what you need to do is to ensure the agent is started and“primed” with your keys whenever you start a terminal ssh
session. Putting a snippet like this into your ~/.bashrc
ought towork for most people, but if you used a different shell or some otherspecial tools, your solution may need to look different than this one:
# ensure the ssh agent is runningif [[ -z "$SSH_AUTH_SOCK" ]]then eval $(ssh-agent)fi# list all keys here which should be loaded into the agentfor k in ~/.ssh/id_ed25519-atlas ~/.ssh/id_rsado if ! ssh-add -l | grep -q "$(ssh-keygen -lf "$k" | cut -d' ' -f 2)" then ssh-add "$k" fidone
Which keys are currently handled by my agent?
Running ssh-add -l
will display all keys currently known to youragent. If the list is empty, you have an ssh-agent
running, but nokeys currently unlocked. If you receive an error message like Couldnot open a connection to your authentication agent.
you need to startthe agent first (see above).
If you key is missing, simple add it via
ssh-add ~/.ssh/id_ed25519-atlas
and it will prompt you for the passphrase. Afterwards, the newly addedkey should be displayed by ssh-agent -l
,
As always, reading the man pages for ssh-agent
and ssh-add
isrecommended!