I have an annoying problem with my private key. Every time I want to clone
or push
via ssh in terminal or Tower app, I have to type my passphrase.
I even removed and recreated the ssh key and set the key on Github several times, but it looks like it has a short lifetime and after a couple of minutes, is expired!
I followed generate a new SSH key to create the key. At the end I ran ssh-add ~/.ssh/id_rsa
and it printed out:
Identity added: /Users/sajad/.ssh/id_rsa (/Users/sajad/.ssh/id_rsa)
After I restarted my machine I ran ssh-add -l
to check whether it's still there or not and here is the result:
The agent has no identities.
How can I fix this? I use macOS.
My /etc/ssh/ssh_config
:
# $OpenBSD: ssh_config,v 1.30 2016/02/20 23:06:23 sobrado Exp $
# This is the ssh client system-wide configuration file. See
# ssh_config(5) for more information. This file provides defaults for
# users, and the values can be changed in per-user configuration files
# or on the command line.
# Configuration data is parsed as follows:
# 1. command line options
# 2. user-specific file
# 3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.
# Site-wide defaults for some commonly used options. For a comprehensive
# list of available options, their meanings and defaults, please see the
# ssh_config(5) man page.
Host *
SendEnv LANG LC_*
# Host *
# ForwardAgent no
# ForwardX11 no
# RhostsRSAAuthentication no
# RSAAuthentication yes
# PasswordAuthentication yes
# HostbasedAuthentication no
# GSSAPIAuthentication no
# GSSAPIDelegateCredentials no
# BatchMode no
# CheckHostIP yes
# AddressFamily any
# ConnectTimeout 0
# StrictHostKeyChecking ask
# IdentityFile ~/.ssh/identity
# IdentityFile ~/.ssh/id_rsa
# IdentityFile ~/.ssh/id_dsa
# IdentityFile ~/.ssh/id_ecdsa
# IdentityFile ~/.ssh/id_ed25519
# Port 22
# Protocol 2
# Cipher 3des
# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
# MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160
# EscapeChar ~
# Tunnel no
# TunnelDevice any:any
# PermitLocalCommand no
# VisualHostKey no
# ProxyCommand ssh -q -W %h:%p gateway.example.com
# RekeyLimit 1G 1h
Ensure you are actually using SSH
This really sounds like your remote is not using SSH at all, but is using HTTP. In that case, every time you use the remote, it will ask you to authenticate.
You can check this by looking at your remote URLs. For SSH you want it to look like this:
If you are using HTTP, then it will instead look like this:
If you find it is set to use HTTP, it's easy to change.
SSH key asking for passphrase every time it is used
If it turns out that you are already using SSH, you should check your SSH configuration. There are two locations to check on a Mac.
/etc/ssh/ssh_config
/Users/{your_username}/.ssh/config
In particular, you do not want this setting:
From the ssh_config man page:
And this is a description of the
-c
flag tossh-add
:SSH key not present in agent at startup
After you restart the machine, the key being gone is normal. You have to add it at least once after the machine starts up.
There's some really good solutions to a very similar question over on SuperUser and AskDifferent.
The basic gist is that Apple recently changed some of these behaviours in Sierra. Thankfully, it's simple to get them back by adding the following to the top of your
~/.ssh/config
file:That should be enough to get it to start using the keychain to store/retrieve your SSH key passphrase.