Can ssh add keys to ssh-agent?



Hello, I would like to ask a simple question. Please accept my apologies
if it has already been addressed, but I didn't find an answer for it.

I have key-based access to a ssh server (running openssh) and ssh-agent
running. When I add the key to agent (ssh-add ...), everything works
as expected without problems. I have also set 'IdentityFile = path_to_key'
to that key in ~/.ssh/config. Now, when I use ssh and the key IS NOT
added to ssh-agent, ssh asks for the password to the key and uses it
for authentication. Still no problem. Also when I use e.g. subversion
(using svn+ssh protocol) from command line, it (or the ssh) asks for
the password to the key and again, uses the key for the authentication
to the server.

However, when I use ssh or subversion again, it asks for the password
to the key again; every time I use it. It looks like:

$ ssh-add -L
The agent has no identities.

$ svn up
Enter passphrase for key 'path_to_key_from_IdentityFile':
....
....

$ ssh-add -L
The agent has no identities.

$ svn log
Enter passphrase for key 'path_to_key_from_IdentityFile':
....
....

$ ssh svnserver
Enter passphrase for key 'path_to_key_from_IdentityFile':
....
^D

$ ssh-add -L
The agent has no identities.



Well, it is correct, and you may argue that I should add the key to the
running agent, using ssh-add; you are right. Nevertheless, it becomes
annoying when I use a GUI client to svn - it asks for the password again
and again (using X-password dialog), until I switch to console and call
ssh-add. Also when I forget to call ssh-add before I connect by ssh,
it asks repeatedly for the password with each new connection (I usually
open more than one ssh connection). It is not a crucial problem, but I
hope you agree that it is annoying.

So, the question is: is there a possibility to configure ssh to automatically
add the key to the running ssh-agent, when ssh recognises that the key is
required and checks that the password is OK (which ssh already does)?
To make it behave like:


$ ssh-add -L
The agent has no identities.

$ svn up
Enter passphrase for key 'path_to_key_from_IdentityFile':
....
....

$ ssh-add -L
ssh-dss xxxxxxxxxxxx ..... xxxxxxxxxxxx path_to_key_from_IdentityFile

$ svn log
....
....

$ ssh svnserver
....
^D


It would allow using the key once it is needed, and even GUI-based apps
could set it without the need to switch to console.


Thank you very much for your answer. Best regards,
Dan
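
The behaviour asked about above, as an added example that is not part of the original post: OpenSSH 7.2 and later provide the AddKeysToAgent client option, which loads a key into the running agent the first time ssh unlocks it from its IdentityFile. The host alias svnserver and the placeholder path_to_key are taken from the post; the choice between the listed values is an assumption about the reader's setup.

```sshconfig
# ~/.ssh/config (added example, not from the original post)
# Requires an OpenSSH client 7.2 or newer and a reachable agent
# (SSH_AUTH_SOCK set in the environment of ssh, svn, or the GUI client).

Host svnserver
    # Key file from the post; path_to_key is the post's own placeholder.
    IdentityFile path_to_key

    # After the passphrase is entered once, ssh hands the decrypted key
    # to the agent, as if ssh-add had been run. Later ssh and svn+ssh
    # connections then authenticate through the agent without prompting.
    AddKeysToAgent yes

    # Stricter alternatives (use one value only):
    #   AddKeysToAgent confirm   # agent asks for confirmation on each use
    #                            # of the key, like ssh-add -c
    #   AddKeysToAgent ask       # confirm via SSH_ASKPASS before adding
    #   AddKeysToAgent no        # default: never add keys automatically

    # Offer only the configured key, not every identity held by the agent.
    IdentitiesOnly yes
```

A key added this way stays in the agent with the default lifetime, so anything that can reach the agent socket can use it until it is removed with ssh-add -d or ssh-add -D; the confirm value limits that exposure on shared or forwarded agents.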


