开发者

SVN+SSH, not having to do ssh-add every time? (Mac OS)

I know the answer is out there, but I'm pretty Unix-dumb and probably wouldn't recognize the solution if it hit me in the face.

I'm on a Mac, connecting to a SVN serve开发者_Python百科r via SSH tunneling. I have to ssh-add privateKey.txt every time I want to connect to the SVN server (Both Cornerstone and Xcode are connecting to SVN).

Is there a way to "save" the key somewhere so I don't have to do this every time? Add it to my Keychain? Some config file? Start up script?


First, move your private key file into ~/.ssh. This is not strictly necessary but it's the standard place for such things.

Then run ssh-add -K ~/.ssh/privateKey.txt. It'll prompt for your passphrase if necessary, then add it to your Keychain.

After that, you shouldn't have to do anything else. A slightly longer explanation is available here.


Storing Passphrases in the Keychain

To store the passphrase for your default key in the Keychain open a Terminal and run:

ssh-add -K

And to store the passphrase for a different key run:

ssh-add -K /path/to/private/key/file

When prompted for your passphrase enter it and that is it.

You will never need to run ssh-add nor enter your passphrase again.

Answer taken from this site: http://www-uxsup.csx.cam.ac.uk/~aia21/osx/leopard-ssh.html


After much exploration, I think I've found the answer to this issue completely. First, make sure you do ssh-add -K ~/.ssh/your_key_here. This adds the key to your keychain. Some places, I have read that this is enough, but I wasn't certain. This is also mac-specific, so if you need to do this on another unix flavor, you won't have this option necessarily.

For good measure, I edited the ~/.ssh/config file (you may have to create it) to point to all the keys I have. Mine has the following:

IdentityFile ~/.ssh/identity
IdentityFile ~/.ssh/id_rsa
IdentityFile ~/.ssh/id_dsa 
IdentityFile ~/.ssh/my_other_identity_here
IdentityFile ~/.ssh/yet_another_identity_here

According to the man page for ssh_config, it will try these in order. I'm not sure if the first three default ones I have listed need to be there, but I have included them anyway.


Since macOS 10.12.2 you can use the UseKeychain option. Read more here or look into man ssh_config.

     UseKeychain
         On macOS, specifies whether the system should search for passphrases in the user's keychain
         when attempting to use a particular key. When the passphrase is provided by the user, this
         option also specifies whether the passphrase should be stored into the keychain once it has
         been verified to be correct.  The argument must be ``yes'' or ``no''.  The default is ``no''.

So just do the following:

echo "UseKeychain yes" >> ~/.ssh/config


I don't have much experience with macs, so not sure if this version is ok for your, but have a look at http://www.phil.uu.nl/~xges/ssh/

If this particular app doesn't work, that's what you're looking for anyways - ssh agent. On unix-like boxes, you'd want to start your whole window manager through that, to get the global effect, but it might not be possible in osx.

Some more info: http://www-uxsup.csx.cam.ac.uk/~aia21/osx/leopard-ssh.html


sshkeychain is one possibility. installs fine with macports using:

sudo port install sshkeychain

it uses the keychain to store passwords, and you may simply launch it at the start-up of your login session (using at the first launch the usual right-ght click in the dock's icon + "launch at startup")

Note that Apple's svn uses keychain to store passwords but not necessarily the svn binary you would build with macports.


Add your key to the keychain by running:

ssh-add -K ~/.ssh/id_rsa

and edit your ssh config (~/.ssh/config) file to automatically load keys from the key chain to the ssh-agent (AddKeysToAgent yes option) and store passphrases in the keychain (UseKeychain yes option):

Host *
 AddKeysToAgent yes
 UseKeychain yes
0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜