Generating SSH Keys - Using an SSH Agent
Written by Sam Moffatt   
Tuesday, 16 October 2007 05:15
Article Index
Generating SSH Keys
Generating a key
Transferring your key
Using an SSH Agent
Keychain and SSH
SSH and GNOME
Wrapping Up
All Pages

Using an SSH agent

An SSH agent is a program that asks for your passphrase and then authenticates you against your key and stores this for the duration of its execution. It hands unlocked keys to requesting processes to allow them to use the key without asking for the password again. If you use SSH regularly this is highly desireable as it allows you to log into different servers or use SSH based services (like SCP/SFTP or X11 tunnelling) without having to manually re-enter your password.

Using SSH Agent on the command line

To start the SSH agent type the following: eval `ssh-agent`

Example:

moffats@shadow:~> eval `ssh-agent`
Agent pid 20692

This sets up your session though as soon as you quit your terminal you will lose your connection to your ssh-agent, however there are tools around it (see Using Keychain below). Now we have an agent running we need to authenticate our key(s), we do this with ssh-add:

moffats@shadow:~> ssh-add
Enter passphrase for /home/moffats/.ssh/id_rsa:
Identity added: /home/moffats/.ssh/id_rsa (/home/moffats/.ssh/id_rsa)

We enter the passphrase we used when we created the key and we can see that it has added our identity to the agent. Then when we SSH to a server instead of being prompted for our passphrase for the key or the pasword for the server. We can use this with other tools on the command line like scp. However this is limited to this session, which is annoying, enter Keychain.



Last Updated on Wednesday, 09 April 2008 06:57