When making a connection to an SSH server using a public / private key pair, there will be a prompt to enter the passphrase associated with the public / private key pair.
~]# ssh -i /home/john.doe/.ssh/id_rsa john.doe@server1.example.com
Enter passphrase for key '/home/john.doe/.ssh/id_rsa':
ssh-agent and ssh-add can be used to store your SSH private key and optionally, the passphrase, so that you are not required to provide your private key and passphrase when making an SSH connection to the SSH server.
The ssh-agent command without any options will display basic information about the ssh-agent deamon, such as the socket and PID being used by ssh-agent. In this example, the socket is 30025 and the PID is 30026.
~]# ssh-agent
SSH_AUTH_SOCK=/tmp/ssh-fXi6UEtKUojG/agent.30025; export SSH_AUTH_SOCK;
SSH_AGENT_PID=30026; export SSH_AGENT_PID;
echo Agent pid 30026
Start the ssh-agent.
~]# eval $(ssh-agent -s)
Agent pid 2023
Use ssh-add to add your users SSH private key to the ssh-agent.
~]$ ssh-add /home/$(whoami)/.ssh/id_rsa
Identity added: /home/john.doe/.ssh/id_rsa (/home/john.doe/.ssh/id_rsa)
If the public certificate and private key have a passphrase, use ssh-add to add your passphrase to ssh-agent.
Now add your passphrase.
~]# ssh-add
Enter passphrase for /home/john.doe/.ssh/id_rsa:
Now when connecting to the SSH server, there should be no prompt to enter the password or passphrase associated with the public / private key pair.
~]# ssh john.doe@server1.example.com
Last login: Sun Jan 29 12:53:23 2017 from 192.168.0.141
It is important to note that your passphrase will not be permanently associated with the public / private key pair via ssh-agent. If you log out of the shell, reset the environment, or restart the machine, you will need to use ssh-add again to add your passphrase to ssh-agent. If you frequently connect to an SSH server, it would be preferrable to make this permanent via your BASH profile.
Did you find this article helpful?
If so, consider buying me a coffee over at