# How to configure ssh-agent

Erick Quinteros. Posted on May 31.

Tags: ssh, agents, tutorial, authentication

## How to configure ssh-agent, agent forwarding, & agent protocol

The ssh-agent is a helper program that keeps track of users' identity keys and their passphrases. The agent can then use the keys to log into other servers without having the user type in a password or passphrase again.

## Starting ssh-agent

On most Linux systems, ssh-agent is automatically configured and run at login, and no additional actions are required to use it. If it is not already running, start it manually:

```
eval `ssh-agent`
Agent pid 9238
```

## Adding SSH keys to the Agent

The following command will list private keys currently accessible to the agent:

```
ssh-add -l
521 SHA256:XHmUhfIRpJ4eapb4WMi0CaDMnCvPNNqJM+1VMpKJP/0 user_name@server (ECDSA)
```

The ssh-agent command accepts the following options:

- `-a bind_address`: Forces binding the Unix domain socket to the given file path, instead of the default socket.
- `-c`: Forces generation of C-shell commands on stdout. By default, the shell is automatically detected.
- `-d`: Enables debug mode.
- `-E fingerprint_hash`: Specifies which algorithm to use for generating SSH key fingerprints. Valid values include `md5` and `sha256`.
- `-k`: Kills the currently running agent.
- `-s`: Forces generation of Bourne shell (`/bin/sh`) commands on stdout. By default, the shell is automatically detected.
- `-t life`: Specifies a maximum number of seconds that identities are kept in the agent. The value is in seconds, but can be suffixed by `m` for minutes, `h` for hours, `d` for days, and `w` for weeks. Without this option, the agent keeps the keys in its memory as long as it runs. This can be overridden when running the `ssh-add` command.

## Fingerprint

The fingerprint is based on the host's public key, usually the one in the `/etc/ssh/ssh_host_rsa_key.pub` file. Generally, it's for easy identification/verification of the host. To view that public key in fingerprint format, run ssh-
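As an added example (not code from the original post), the following shows how the `sha256` and `md5` fingerprint formats selected by `-E` are derived from an OpenSSH public key line. The sample key is constructed from dummy bytes, and the function names are assumptions made for illustration.

```python
import base64
import hashlib
import struct


def ssh_string(data: bytes) -> bytes:
    """Encode bytes as an SSH wire-format string (uint32 length + data)."""
    return struct.pack(">I", len(data)) + data


# Constructed sample: an ssh-ed25519 public key line built from dummy bytes.
# It is not a real host or user key.
SAMPLE_BLOB = ssh_string(b"ssh-ed25519") + ssh_string(bytes(range(32)))
SAMPLE_LINE = ("ssh-ed25519 " + base64.b64encode(SAMPLE_BLOB).decode()
               + " user_name@server")


def parse_public_key(line: str) -> tuple:
    """Return (key_type, blob) from a '<type> <base64> [comment]' line."""
    fields = line.split()
    if len(fields) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    key_type = fields[0]
    # validate=True rejects stray characters instead of skipping them.
    blob = base64.b64decode(fields[1], validate=True)
    if len(blob) < 4:
        raise ValueError("key blob too short")
    # The blob begins with its own copy of the key type; it must match.
    (name_len,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + name_len] != key_type.encode():
        raise ValueError("declared key type does not match key blob")
    return key_type, blob


def fingerprint(line: str, hash_name: str = "sha256") -> str:
    """Hash the raw key blob and format it for the chosen algorithm."""
    _, blob = parse_public_key(line)
    if hash_name == "sha256":
        digest = hashlib.sha256(blob).digest()
        # Base64 of the digest with the trailing '=' padding removed.
        return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")
    if hash_name == "md5":
        # Colon-separated hex pairs.
        return "MD5:" + hashlib.md5(blob).digest().hex(":")
    raise ValueError("unsupported hash: " + hash_name)


if __name__ == "__main__":
    print(fingerprint(SAMPLE_LINE))
    print(fingerprint(SAMPLE_LINE, "md5"))
```

The comment field (`user_name@server`) is not part of the hashed data, so two lines with the same key and different comments give the same fingerprint.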
