Saving SSH keys in macOS Sierra keychain
Latest commit deef495 Jan 13, 2017 @jirsbek committed on GitHub Update
Failed to load latest commit information. Update Jan 13, 2017
ssh.add.a.plist Edited name Sep 26, 2016

Saving SSH keys in macOS Sierra keychain

Source links


As described in detail on, macOS/OS X till Yosemite used to remember SSH keys added by command ssh-add -K <key>.

Unfortunately this way no longer works and command ssh-add -K in macOS Sierra no longer saves SSH keys in OS's keychain. As Apple Developer stated: "That’s expected. We re-aligned our behavior with the mainstream OpenSSH in this area."


Solution 1 (recommended)

As Apple updated it's Technical Notes, since 10.12.2 macOS includes version 7.3p1 of OpenSSH and it's new behaviors.

In ~/.ssh create config file with the following content:

Host * (asterisk for all hosts or add specific host)
  AddKeysToAgent yes
  UseKeychain yes
  IdentityFile <key> (e.g. ~/.ssh/userKey)

Solution 2

After usage of ssh-add -K <key> (it's recommended to use absolute path of keys) call command ssh-add -A on every startup of macOS.

Just add .plist with the following content to the path ~/Library/LaunchAgents/:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "">
<plist version="1.0">

<!-- @@@@LingonWhatStart:ssh-add -A@@@@LingonWhatEnd -->

Or create the file with the Lingon app (

Or use curl command to download the .plist file to the stated path:

curl -o ~/Library/LaunchAgents/ssh.add.a.plist


If you have issues with ssh-add: illegal option -- K after using ssh-add -K command, you may use full path of the command /usr/bin/ssh-add.