Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Apple includes a customized version of OpenSSH. From what I recall from the last time I looked at it, the changes were mostly integrating the key retrieval mechanisms with the rest of macOS. For example, Apple's ssh-add can store key passphrase in Keychain with the -K option, and then later access those passphrase with the -A flag.


If using the upstream version there is one line to add to a startup script or to your zshrc (et. al.) file ...

ssh-add -A > /dev/null

... and one default value to place in your ssh config file...

AddToKeychain Yes

... to get around this issue. It works fine after that.

(On mobile. Sorry for formatting)


Those stored key passphrases are visible with the Keychain Access application, Kind: "application password", name: "SSH: /full/path/to/key", in the login & iCloud keychains.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: