3

I've followed the following guide to setup SSH keys on Mac OS 10.7.4.

https://help.github.com/articles/generating-ssh-keys

But for some reason it continually prompts me for my passphrase. It doesn't prompt me if I don't specify a passphrase, but that isn't desired. Is there a way to cache my passphrase so that I won't be prompted for every pull/push?

Ryan
  • 3,725
  • 5
  • 33
  • 53
Phillip Whisenhunt
  • 133
  • 1
  • 5

2 Answers2

11

From this article

Storing Passphrases in the Keychain

To store the passphrase for your default key in the Keychain open a Terminal and run:

ssh-add -K

And to store the passphrase for a different key run:

ssh-add -K /path/to/private/key/file

When prompted for your passphrase enter it and that is it.

You will never need to run ssh-add nor enter your passphrase again.

Ryan
  • 3,725
  • 5
  • 33
  • 53
  • I've tried that bu I get Could not open a connection to your authentication agent. – Phillip Whisenhunt Feb 07 '13 at 17:51
  • You may have to reboot, or at least log out and in. From the most up-voted answer [here](http://superuser.com/questions/88470/how-to-use-mac-os-x-keychain-with-ssh-keys), it would appear the loading of keychain keys to ssh-agent happens at login. – Ryan Feb 07 '13 at 17:57
  • From `man ssh-add`: "-K When adding identities, each passphrase will also be stored in the user's keychain. When removing identities with -d, each passphrase will be removed from it." (for the curious.) – Carl G Jan 23 '17 at 17:52
  • `ssh-add -K` has been deprecated. `ssh-add --apple-use-keychain` is the new way – epergo Nov 07 '22 at 09:02
1

If you create a key pair with a passphrase you have to enter that passphrase to unlock your private key. If you don't enter the correct passphrase your private key will not match the public key stored at github and the authentication cannot be performed.

If you don't want a key without a passphrase you have no way around entering the passphrase every time the key is used.

Having a key without passphrase is only a security issue if someone else gets their hands on your private key.

André Stannek
  • 413
  • 1
  • 3
  • 17
  • Your comment appeared after I posted my answer. I don't know much about Mac but check out http://superuser.com/questions/88470/how-to-use-mac-os-x-keychain-with-ssh-keys and http://serverfault.com/questions/272613/does-mac-os-x-cache-private-keys-for-ssh for caching. – André Stannek Feb 07 '13 at 17:46