Store SSH key (passphrase) into macOS Keychain

2023-07-26

macos

Intro

The ssh agent on macOS can add your private key and the passphrase of this to the keychain (“Keychain Access.app”).

This is nifty because you unlock the access with your normal login into the macOS user. Meaning you can use your key without typing in the passphrase for every session.

Keep in mind that you gain some comfort/convenience at the cost of some security.

How-To

Tell SSH to use the keychain

Add the following to the ~/.ssh/config file:

Host *
  UseKeychain yes
  AddKeysToAgent yes

UseKeychain yes is the magic ingredient here.

Add the key to the keychain

ssh-add -K ~/.ssh/[private-key]

You will be asked for your passphrase for the last time 😎.

The option -K (short for --apple-use-keychain) facilitates the addition to the agent using the keychain.

Et voilà!

Table of Contents:

Intro

How-To

Tell SSH to use the keychain

Add the key to the keychain