SSH Agent

The SSH agent keeps unencrypted private keys so that you can log in to servers repeatedly without supplying your private key’s passphrase on every attempt.

NOTE: Unfortunately, the agent stores private keys for an unlimited amount of time by default. Therefore, please take note of the command-line parameters of ssh-agent and ssh-add that limit the key lifetime inside the agent.

ssh-add and ssh rely on two environment variables to work: SSH_AGENT_PID and SSH_AUTH_SOCK. The following two methods start the SSH agent and set those environment variables automatically:

  1. Method 1:
  2. Method 2:

Example sessions:

  1. With the SSH agent:
  $ ssh-agent -t 60 bash --login
  $ ssh-add TEST
  Need passphrase for TEST
  Enter passphrase for TEST:
  Identity added: TEST (TEST)
  $ ssh -i TEST USER@HOST
  Last login: SOMETIME from SOMEWHERE

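Successive logins are possible without entering the passphrase again while the key remains in the agent (here 60 seconds, because of -t 60).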

  2. Without the SSH agent:
  $ ssh -i TEST USER@HOST
  Enter passphrase for key 'TEST':
  Last login: SOMETIME from SOMEWHERE

The passphrase is needed for each and every login.
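
The key lifetime limit from the note above, as an added example that is not part of the original article: the function starts an agent with eval "$(ssh-agent -s)", adds a key for 2 seconds and reports the exit status of ssh-add -l before expiry, after expiry and after the agent is killed. The throwaway key with an empty passphrase, the temporary directory and the function name agent_lifetime_demo are assumptions made for this demo.

```shell
#!/bin/sh
# Added example (not from the original article).
# Runs in a subshell so SSH_AUTH_SOCK / SSH_AGENT_PID never leak to the caller.
agent_lifetime_demo() (
    dir=$(mktemp -d) || exit 1
    trap 'rm -rf "$dir"' EXIT

    # Constructed throwaway key with an empty passphrase, for the demo only.
    # Real keys should carry a passphrase.
    ssh-keygen -q -t ed25519 -N '' -f "$dir/TEST" || exit 1

    # ssh-agent -s prints Bourne-shell commands that export SSH_AUTH_SOCK and
    # SSH_AGENT_PID; eval applies them to this shell.
    # -t 60 is the default lifetime for keys added without their own -t.
    # -a pins the socket path inside the temporary directory.
    eval "$(ssh-agent -s -a "$dir/agent.sock" -t 60)" >/dev/null

    # ssh-add -t overrides the agent default for this one key: 2 seconds.
    ssh-add -q -t 2 "$dir/TEST" 2>/dev/null || exit 1

    ssh-add -l >/dev/null 2>&1; before=$?   # 0: the key is listed
    sleep 3
    ssh-add -l >/dev/null 2>&1; after=$?    # 1: the agent holds no identities

    # ssh-agent -k kills the agent named by SSH_AGENT_PID and prints commands
    # that unset both variables again.
    eval "$(ssh-agent -k)" >/dev/null
    ssh-add -l >/dev/null 2>&1; killed=$?   # 2: no agent can be contacted

    echo "before=$before after=$after killed=$killed"
)

# Run the demo when the script is invoked as: sh demo.sh run
if [ "${1:-}" = "run" ]; then
    agent_lifetime_demo
fi
```

Exit status 1 from ssh-add -l after the sleep shows that the agent dropped the key on its own. Status 2 after ssh-agent -k shows that no agent is reachable once SSH_AUTH_SOCK is unset.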
