Enter SSH passphrase once

git ssh passphrase

Before upgrade

When I was running git clone git@... (using ssh) once per computer restart a window dialog appeared containing a textbox for inserting my SSH passphrase and confirmed with OK. Then the passphrase was no longer required until the next start of my system.

After upgrading to 13.10

After upgrading to Ubuntu 13.10 that window doesn't appear anymore but a message in terminal appears:

Enter passphrase for key '/home/username/.ssh/id_rsa':

...every time when cloning a git repository this appears.

How can I fix this? I want to enter my passphrase only once.


Solution 1:

Update: seems to be a bug from 13.10:

https://bugs.launchpad.net/ubuntu/+source/libpam-ssh/+bug/1247169

Anyway running the following commands the problem was fixed for me:

How to fix

I fixed this by entering the following commands:

$ ssh-agent bash

This creates a new bash process that allows you to add private keys. When adding a new private key you will be prompted for the passphrase once and only once.

And then:

$ ssh-add /home/username/.ssh/id_rsa
Enter passphrase for /home/username/.ssh/id_rsa: 
Identity added: /home/username/.ssh/id_rsa (/home/username/.ssh/id_rsa)

...where username is your username. You can do the same using $USER variable:

$ ssh-add /home/$USER/.ssh/id_rsa

Alternatively, just use ~ for your home directory.

$ ssh-add ~/.ssh/id_rsa

And the problem was fixed.

Solution 2:

0) Short answer

Use AddKeysToAgent and add the following to your .ssh/config at the beginning:

AddKeysToAgent yes

and run git/ssh/... If it's not enough, check your ssh version and check that ssh-agent is loaded with these instructions:

1) Check the openssh version

Firstly check that your ssh version, it must be greater of equal to 7.2:

ssh -V

2) Edit the config file

If it's the case just add in your .ssh/config one line at the beginning:

AddKeysToAgent yes

Other options are no (the default), yes, confirm (optionally followed by a time interval), ask or a time interval.

#3) Check if ssh-agent is already open

Usually distributions automatically load an ssh-agent. To check it, run

ps aux | grep -v grep | grep ssh-agent

If you don't see any line containing it, you need to load it by running:

eval $(ssh-agent)

Note that this enable the agent only on the current terminal, so to enable it everywhere, you can try to add this line in your ~/.profile file and reboot.

Related

Should I always restart the system when I see "System restart required"?
"kill <PID>" not really killing the process, why?
How to kill all tmux sessions (or at least multiple sessions) from the CLI?
Download files from a list
Chrome asks for password to unlock keyring on startup
What is the "show desktop" keyboard shortcut?
How can I install Adobe AIR?
How to disable the "unlock your keyring" popup?
Whats the .local folder for in my Home Directory
Is it possible to clean the APT cache from the command line?
How to search entire hard drive for a file?
How to get date and time using command line interface?