Difference between revisions of "Use the Apple Keychain for ssh key passphrases"
(→Configure ssh to use the Keychain to unlock your keys) |
(→Add your passphrase to the Keychain) |
||
Line 7: | Line 7: | ||
=== Add your passphrase to the Keychain === | === Add your passphrase to the Keychain === | ||
− | Create your | + | Create your keys as usual, then do this ''once'' for every key: |
ssh-add --apple-use-keychain ~/.ssh/id_ed25519 | ssh-add --apple-use-keychain ~/.ssh/id_ed25519 |
Revision as of 12:09, 28 July 2022
Contents
Introduction
On macOS, you can set up such that your encrypted ssh keys get automatically decrypted using the passphrase stored in the Apple Keychain, which is unlocked at login.
How to
Add your passphrase to the Keychain
Create your keys as usual, then do this once for every key:
ssh-add --apple-use-keychain ~/.ssh/id_ed25519
You must use the full path your key, a relative path will not work!
Configure ssh to use the Keychain to unlock your keys
Use this ~/.ssh/config
:
Host * IgnoreUnknown UseKeychain UseKeychain yes
IgnoreUnknown
is there so this config will work with non-Apple ssh implementations. You do not need to use ssh-agent(1), or enable any special Apple-specific options for the ssh agent, ignore the Internet misinformation.