Before trying anything, be sure that the communication between the two hosts is using keys. Type this:
You should see this:
Enter passphrase for key '/home/user/.ssh/id_rsa':
If you get prompted for a passphrase instead of a password, go here, but be sure to add a passphrase. It is extremely dangerous to use a private key that doesn’t have a passphrase. If anyone gets access to that private key, they can use it. However, adding a passphrase initially brings you back to the problem of asking for the passphrase several times.
ssh-agent can fix this problem. To get started, simply type:
This creates a new bash process that allows you to add private keys. When adding a new private key you will be prompted for the passphrase once and only once. Do that by typing:
Then, the key at ~/.ssh/id_dsa will be added and you should not get prompted for a passphrase. Then, type exit to have the OS forget your passphrase.
To verify that your key has been added, type:
It should show you the fingerprints and filenames of all keys in the agent session.
Using an ssh-agent in a script
Use the following bash code to reuse an ssh-agent in a script:

```bash
#!/bin/bash
tempfile=/tmp/ssh-agent.test

# Check for an existing ssh-agent
if [ -e "$tempfile" ]
then
    echo "Examining old ssh-agent"
    . "$tempfile"
fi

# See if the agent is still working
ssh-add -l > /dev/null

# If it's not working yet, just start a new one.
if [ $? != 0 ]
then
    echo "Old ssh-agent is dead..creating new agent."

    # Create a new ssh-agent if needed
    ssh-agent -s > "$tempfile"
    . "$tempfile"

    # Add the key
    ssh-add
fi

# Show the user which keys are being used.
ssh-add -l
```
ssh-agent -s creates an ssh-agent and prints out three lines that basically set the appropriate environment variables for ssh-add to function properly. This script saves the output of ssh-agent -s to a known file location that can be reused each time the script is run. It also detects if the ssh-agent is no longer working. If so, it simply launches a new agent and adds the key.
The nice part about this script is that it will work if a script is sudo’d. However, the file will get a permissions error if the script is run with sudo and then run without
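
A hardened variant of the script above, as an added example that is not the original author's code. It keeps the saved agent settings under ~/.ssh instead of a fixed name in /tmp (where another local user could create the file first and have it sourced), checks the file's owner and mode, and reads the two variables by pattern rather than sourcing the file. The path ~/.ssh/agent.env and the function names are assumptions.

```shell
#!/bin/bash
# Added example (not the original script): reuse an ssh-agent without
# sourcing a file from /tmp. The state-file path below is an assumption.
agent_file="$HOME/.ssh/agent.env"

# True only for a regular file (no symlink) owned by the caller that
# group and others cannot write.
env_file_is_safe() {
    [ -O "$1" ] || return 1
    case $(ls -ld "$1") in
        -????-??-?*) return 0 ;;
        *) return 1 ;;
    esac
}

# Pull the two variables out of saved `ssh-agent -s` output by pattern,
# so nothing else in the file is ever executed.
load_agent_env() {
    local sock pid
    sock=$(sed -n 's/^SSH_AUTH_SOCK=\([^;]*\);.*/\1/p' "$1" | head -n 1)
    pid=$(sed -n 's/^SSH_AGENT_PID=\([0-9][0-9]*\);.*/\1/p' "$1" | head -n 1)
    [ -n "$pid" ] || return 1
    case $sock in /*) ;; *) return 1 ;; esac
    export SSH_AUTH_SOCK="$sock" SSH_AGENT_PID="$pid"
}

# ssh-add -l exits 0 with keys listed, 1 with an empty agent and 2 when
# no agent is reachable; only the last case needs a new agent.
ensure_agent() {
    local rc=2
    if env_file_is_safe "$agent_file" && load_agent_env "$agent_file"; then
        ssh-add -l >/dev/null 2>&1 && rc=0 || rc=$?
    fi
    if [ "$rc" -eq 2 ]; then
        echo "No usable ssh-agent, starting a new one."
        ( umask 077; rm -f "$agent_file"; ssh-agent -s >"$agent_file" ) || return 1
        load_agent_env "$agent_file" || return 1
        rc=1
    fi
    [ "$rc" -eq 0 ] || ssh-add || return 1
    ssh-add -l
}

# Run as "script.sh run"; without the argument only the functions are defined.
if [ "${1:-}" = "run" ]; then ensure_agent; fi
```

Because the state file lives in the invoking user's home and is recreated with umask 077, an agent that already holds no keys is reused instead of being replaced by a second agent.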