I want to run ssh-agent (with the maximum lifetime option) without adding any keys at startup, and instead add them on demand.
For example, the first time I log in to some server it should ask for the passphrase, and the next time (unless I waited for more than an hour) it should connect cleanly:

    ssh server1
    Enter passphrase for key '/home/vi/.ssh/id_dsa':
    server1> ...
    ssh server2
    server2> # no passphrase this time
    # wait for lifetime
    ssh server2
    Enter passphrase for key '/home/vi/.ssh/id_dsa':

I don't want to have to remember to run 'ssh-add' manually each time (e.g. entered the passphrase just for ssh and "Oh, it hasn't remembered, need to retype").
How can I configure ssh to automatically add the key to ssh-agent if the user provided the passphrase?
Best Answer
ssh supports adding a key to the agent on first use (since version 7.2). You can enable that feature by putting the following into ~/.ssh/config:

This also works when using derivative tools, such as git.
From the 7.2 changelog:
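
Added example, not part of the original answer or the OpenSSH changelog: a shell sketch of the setup the question asks for, combining the `AddKeysToAgent` client option with an agent started with a default key lifetime (`ssh-agent -t`). The function names, the `Host *` scope and the `1h` default are assumptions chosen for illustration.

```shell
# Added example: helper names and defaults are hypothetical, not from the page.

# Append "AddKeysToAgent yes" to an ssh client config unless the option is
# already set somewhere in the file (an existing value is left untouched,
# including one that only applies inside a specific Host block).
enable_add_keys_to_agent() {
    cfg="${1:-$HOME/.ssh/config}"
    mkdir -p "$(dirname "$cfg")"
    # Create the file private to the user if it does not exist yet.
    [ -e "$cfg" ] || (umask 077; : > "$cfg")
    if grep -Eiq '^[[:space:]]*AddKeysToAgent([[:space:]]|=)' "$cfg"; then
        return 0
    fi
    # ssh_config uses the first value found, so a trailing "Host *" block
    # acts as a default without overriding earlier per-host settings.
    printf '\nHost *\n    AddKeysToAgent yes\n' >> "$cfg"
}

# Start an agent with a default maximum key lifetime unless one is already
# reachable. Keys added through AddKeysToAgent inherit this default, so they
# are dropped after the lifetime and ssh prompts for the passphrase again.
start_agent_with_lifetime() {
    lifetime="${1:-1h}"
    rc=0
    # ssh-add -l exits with status 2 when it cannot contact an agent.
    ssh-add -l >/dev/null 2>&1 || rc=$?
    if [ "$rc" -eq 2 ]; then
        eval "$(ssh-agent -s -t "$lifetime")" >/dev/null
    fi
}

# Typical use from a login script such as ~/.profile (run once per session):
#   enable_add_keys_to_agent
#   start_agent_with_lifetime 1h
```

After the lifetime expires, `ssh-add -l` shows the key is gone from the agent, and the next `ssh` prompts for the passphrase and re-adds it.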