Difference between revisions of "Use the Apple Keychain for ssh key passphrases"
(→Configure ssh to use the Keychain to unlock your keys) |
(→Configure ssh to use the Keychain to unlock your keys) |
||
Line 21: | Line 21: | ||
UseKeychain yes | UseKeychain yes | ||
− | <code>IgnoreUnknown</code> is there so this config will work with non-Apple ssh implementations. | + | <code>IgnoreUnknown</code> is there so this config will work with non-Apple ssh implementations. You do not need to use '''ssh-agent(1)''', or enable any special Apple-specific options for the ssh agent, ignore the Internet misinformation. |
== References == | == References == |
Revision as of 12:09, 28 July 2022
Contents
Introduction
On macOS, you can set up such that your encrypted ssh keys get automatically decrypted using the passphrase stored in the Apple Keychain, which is unlocked at login.
How to
Add your passphrase to the Keychain
Create your key as usual, then do this once:
ssh-add --apple-use-keychain ~/.ssh/id_ed25519
You must use the full path your key, a relative path will not work!
Configure ssh to use the Keychain to unlock your keys
Use this ~/.ssh/config
:
Host * IgnoreUnknown UseKeychain UseKeychain yes
IgnoreUnknown
is there so this config will work with non-Apple ssh implementations. You do not need to use ssh-agent(1), or enable any special Apple-specific options for the ssh agent, ignore the Internet misinformation.