
Re: Keys management (SSH, GPG)



On 2/9/2017 11:59 AM, Shin Ice wrote:
> Hi,
>
> On 09.02.17 at 01:20, commentsabout@riseup.net wrote:
>> Hello,
>>
>> I am a Debian 8.7 user.
>>
>>
>> # SSH
>>
>> I would like to know if there is an efficient way to manage SSH keys?
>>
>> I have multiple SSH keys (rsa, ed25519) that I use all day long to
>> either connect to servers via ssh or to work with on remote servers.
>>
>> I would like to know if it is possible to unlock my keys (being
>> prompted once for their passwords) when my session starts and keep
>> them unlocked until the session is closed.
>>
>> I have found information about ssh-agent and ssh-add but it doesn't
>> provide the behavior that I would like to reach in the sense that I have
>> to manually...
>>
>>> eval `ssh-agent -s`
>>> ssh-add /path/to/my-key1
>>> ssh-add /path/to/my-key2
>>> ssh-add /path/to/my-key3
>>> ssh-add /path/to/my-key4
>> ... every time I open/close my session (while I would like to just have
>> to provide my passwords). Furthermore, it seems that my ed25519 keys do
>> not remain cached for more than a couple of minutes (while the rsa4096
>> ones remain without problem).
>>
> I'm using "keychain" on my system and it works as desired.
> You can add it to your .bashrc or create a short script to invoke with
> all your keys.
>
> Greetings
> Shin
>
    I may, or may not, have been accused of going the route of overkill
and paranoid, but personally my SSH authentication key is actually on an
OpenPGP v2 smartcard and I use the GnuPG 2.x gpg-agent with ssh-agent
support.
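
A session-start hook of the kind the thread asks for, as an added example that is not from any poster and is not keychain's own code: it reuses an agent left by an earlier shell, starts one only when none answers, and asks for passphrases only when the agent holds no keys. The function names, the `agent.env` path and the key paths are assumptions.

```shell
# Added example for ~/.bashrc or ~/.profile; all names here are illustrative.
SSH_ADD=${SSH_ADD:-ssh-add}        # overridable so the logic can be tested
SSH_AGENT=${SSH_AGENT:-ssh-agent}
AGENT_ENV=${AGENT_ENV:-$HOME/.ssh/agent.env}   # assumed location

# ssh-add -l exits 0 when keys are loaded, 1 when the agent is reachable
# but holds no keys, and 2 when no agent can be contacted.
agent_state() {
    rc=0
    "$SSH_ADD" -l >/dev/null 2>&1 || rc=$?
    case $rc in
        0) echo loaded ;;
        1) echo empty ;;
        *) echo absent ;;
    esac
}

ensure_agent() {
    # Pick up the agent an earlier shell recorded, if there is one.
    if [ "$(agent_state)" = absent ] && [ -r "$AGENT_ENV" ]; then
        . "$AGENT_ENV" >/dev/null
    fi
    # Still nothing (no record, or the recorded agent has exited): start one.
    if [ "$(agent_state)" = absent ]; then
        # The file names the agent socket, so keep it private to this user.
        (umask 077; "$SSH_AGENT" -s > "$AGENT_ENV")
        . "$AGENT_ENV" >/dev/null
    fi
}

load_keys() {
    ensure_agent
    # Prompt for passphrases only when the agent has no keys at all.
    [ "$(agent_state)" = loaded ] || "$SSH_ADD" "$@"
}

# Call once per login shell with your own key paths, for example:
# load_keys /path/to/my-key1 /path/to/my-key2
```

An agent started this way outlives the shell that created it, so keys stay unlocked until `ssh-agent -k` is run from a logout hook or the machine restarts.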


