Thread: What to do after ssh-add?

  1. #1

    What to do after ssh-add?

    Tumbleweed 20210422

    I have a number of keys entered using ssh-add. I can now log in to remote sites without the password step.

    Then I log out. Most of those keys added by ssh-add are no longer added. A post mentioned that entries in <.ssh/config> using the IdentityFile command are permanent, i.e., they are loaded when logging in. Not my experience. (The config file has perms 600.)

    Oddly, there is one key that is permanent; it happens to be the first in the list of IdentityFile entries.

    How do I make the other keys a permanent feature in the login startup?
    Is only one IdentityFile entry allowed?

  2. #2
    Join Date
    Sep 2012
    Posts
    6,494

    Re: What to do after ssh-add?

    Originally posted by jimoe666:
    > I have a number of keys entered using ssh-add. Then I log out. Most of those keys added by ssh-add are no longer added.

    That's correct in general. ssh-add adds keys to the running SSH agent; logging out likely terminates this agent, and logging in starts a new instance.

    > A post mentioned

    What post? We cannot comment on something we have never seen.

    Anyway, it is heavily dependent on the desktop environment you are using, and you did not mention it.

  3. #3
    Join Date
    Apr 2021
    Location
    Munich
    Posts
    43

    Re: What to do after ssh-add?

    jimoe666, I am a bit unsure what you are trying.

    "ssh-add" is a component of the "ssh-agent", which in turn is often used when your keys are additionally secured by a password. Without an "ssh-agent" you have to type in the appropriate passphrase every time you use one of your private keys.
    The declaration of which key will be used, and for what, is independent of that topic and could be done as follows:

    Code:
    $ vim ~/.ssh/config
    
    Match host=computer1,computer2,computer3
       IdentitiesOnly yes
       IdentityFile ~/.ssh/id_rsa_1
    
    Match host=example.com
       IdentitiesOnly yes
       IdentityFile ~/.ssh/id_ed25519

    I am sure "ssh-add -L" will show you all keys. For me the question is, what are we talking about? Is it the management of different identities in general, or indeed an ssh-agent topic because all of your keys are additionally secured by a password?
    If so, how should the agent have been launched? There exist multiple ways.

  4. #4

    Re: What to do after ssh-add?

    > A post mentioned ...
    > What post? We cannot comment on something we have never seen.

    https://stackoverflow.com/questions/...-add-on-ubuntu

    > Anyway, it is heavily dependent on desktop environment you are using, and you did not mention it.

    Gnome v40.0

  5. #5

    Re: What to do after ssh-add?

    I found the magic: Include the public key with the private keys in <.ssh/>.

  6. #6
    Join Date
    Sep 2012
    Posts
    6,494

    Re: What to do after ssh-add?

    While the first answer may be interpreted this way, it is really incorrect in the context of the original question. But later this thread does mention that ...

    > Gnome v40.0

    Originally posted by jimoe666:
    > I found the magic: Include the public key with the private keys in <.ssh/>.

    ... gnome-keyring automatically adds all identities with public keys that are located in the standard place (~/.ssh). This is gnome-keyring specific and has really nothing to do with ssh-add, which is why I asked about the DE.

    You can mostly get the same result without gnome-keyring by setting the AddKeysToAgent ssh option. Then ssh will add the private key to the agent the first time it is used. The advantage is that the identity file can be anywhere. The difference is that gnome-keyring allows you to store the passphrase for an SSH key in its own keyring, which is encrypted by your login password, and automatically use it to unlock the SSH key. That requires that the login password is known to gnome-keyring, so it does not work for autologin (unless the keyring is unlocked by other means).
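
Added example (not part of the thread and not code from any poster): a shell helper that audits the two conditions posts #5 and #6 describe, namely whether each IdentityFile named in an ssh config has a .pub file beside it, and whether that key is currently held by the agent. The function names, and the choice to pass saved `ssh-add -L` output as a file, are assumptions made for this example.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not from the thread.

# Print each distinct IdentityFile value in CONFIG
# (only the whitespace-separated "IdentityFile path" form is handled).
list_identity_files() {
    awk 'tolower($1) == "identityfile" { print $2 }' "$1" | sort -u
}

# Expand a leading "~/" in PATH against HOME_DIR.
expand_path() {
    case "$1" in
        "~/"*) printf '%s/%s\n' "$2" "${1#??}" ;;
        *)     printf '%s\n' "$1" ;;
    esac
}

# audit_identities CONFIG HOME_DIR AGENT_LISTING
# AGENT_LISTING is a file holding the output of `ssh-add -L`.
# Prints "<status> <identity>" per key:
#   no-pubkey   no usable .pub beside the private key
#   in-agent    the public key appears in the agent listing
#   not-loaded  .pub exists but the agent does not hold the key
audit_identities() {
    list_identity_files "$1" | while read -r key; do
        pub="$(expand_path "$key" "$2").pub"
        if [ ! -s "$pub" ]; then
            echo "no-pubkey $key"
        elif grep -qF -- "$(awk '{ print $1 " " $2; exit }' "$pub")" "$3"; then
            echo "in-agent $key"
        else
            echo "not-loaded $key"
        fi
    done
}

# Use against the live agent:
#   ssh-add -L > agent.txt; audit_identities ~/.ssh/config "$HOME" agent.txt
```

Keys reported as not-loaded after a fresh login are the ones that were only ever added by hand with ssh-add.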
