I have a private key with a passphrase
And I have 2 computers running Ubuntu 14.04
-
On the first I added the key using
ssh-add ~/.ssh/id_rsa
It asked me the passphrase, and it was added permanently. -
On the other when I add a key using
ssh-add ~/.ssh/id_rsa
it is asking me the passphrase and adding it temporarily (it will be removed at the next reboot).
But all others ssh keys without passphrase are added automatically.
I have tried the solutions explained here: https://stackoverflow.com/questions/3466626/add-private-key-permanently-with-ssh-add-on-ubuntu
But it doesn't work. And I really don't see how it could work (despite the positive feedbacks).
I don't see how just defining our SSH key as a "IdentityFile" in the SSH config files would make it automatically add the SSH keys with passphrase. It would mean that when I do a ssh-add ~/.ssh/id_rsa the system is storing the passphrase somewhere, but using it only if I add "IdentityFile" in the config. And for ssh key without passphrase it doesn't need any "IdentityFile".
Does someone knows how ssh-add work on this? How can the ssh-add behaviour can be so undeterministic?
Best Answer
There is no way to add a key with passphrase permanently. The encrypted key is stored in the memory of
ssh-agent
, which is not persistent across the reboots.The keys in default location or the keys mentioned in
~/.ssh/config
(without passphrase) do not need to be added to the agent. Thessh
will pick them up automatically.