Set up SSH Agent on Login

mpf writes "This is a simple procedure to allow you to be prompted at login for your SSH passphrase and have it optionally stored in your Mac OS X Keychain, so you'll never have to enter your passphrase again! It allows you to use ssh from AppleScripts and other non-interactive applications without entering your passphase." Nice idea. It combines two pieces of software, one that starts ssh-agent on login, and one that gets called to provide your ssh passphrase when needed (which can store/retrieve it in the Keychain). There's a small AppleScript to call ssh-add on login, to tie it all together.

Re:secure shell?

[Webmonger]

SSH can use several forms of authentication, including public key cryptography. You use a password to encrypt your private key, which you supply on login.

Once your private key is decrypted, SSH can use it to authenticate you on any site that uses your public key for authentication.

There is security at every step. You typically have to be logged in as yourself (or root) to read your private key, you have to supply a password to decrypt the key, and you can remove they key from memory at any time.