Saving SSH keys in macOS Sierra keychain
As described in detail on https://openradar.appspot.com/27348363, macOS/OS X till Yosemite used to remember SSH keys added with the command ssh-add -K <key>.
Unfortunately, this no longer works. Keys added to the keychain via ssh-add -K are not automatically re-added to the ssh-agent after a reboot. As Apple Developer stated:
"That’s expected. We re-aligned our behavior with the mainstream OpenSSH in this area."
Solution 1 (recommended)
Apple updated its Technical Notes to indicate that since 10.12.2, macOS includes version 7.3p1 of OpenSSH and its new behaviors.
Add the following content to the SSH config file (~/.ssh/config):

    # Use * for all hosts, or name a specific host
    Host *
      AddKeysToAgent yes
      UseKeychain yes
      # Path to the private key, e.g. ~/.ssh/userKey
      IdentityFile <key>
After running ssh-add -K <key> (using the absolute path of the key is recommended), call the command ssh-add -A on every startup of macOS.
To automate this, add a .plist with the following content to the path ~/Library/LaunchAgents/:

    <?xml version="1.0" encoding="UTF-8"?>
    <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
    <plist version="1.0">
    <dict>
        <key>Label</key>
        <string>ssh-add-a</string>
        <key>ProgramArguments</key>
        <array>
            <string>ssh-add</string>
            <string>-A</string>
        </array>
        <key>RunAtLoad</key>
        <true/>
    </dict>
    </plist>
    <!-- @@@@LingonWhatStart:ssh-add -A@@@@LingonWhatEnd -->
Create this file with the Lingon app, or use curl to download the .plist file to the stated path:
curl -o ~/Library/LaunchAgents/ssh.add.a.plist https://raw.githubusercontent.com/jirsbek/SSH-keys-in-macOS-Sierra-keychain/master/ssh.add.a.plist
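A LaunchAgent placed in ~/Library/LaunchAgents runs at every login, so it is worth confirming that a downloaded .plist contains only the ssh-add -A job shown above. The following is an added example, not part of the original README: it parses the file with Python's plistlib and lists anything that differs; the function names and the allow-list of keys are assumptions made for this example.

```python
import plistlib
import sys

# Assumption: the only job we expect is the one shown on this page.
EXPECTED_ARGS = ["ssh-add", "-A"]
ALLOWED_KEYS = {"Label", "ProgramArguments", "RunAtLoad"}


def audit_launch_agent(data: bytes) -> list[str]:
    """Return a list of findings; an empty list means the plist matches."""
    try:
        job = plistlib.loads(data)
    except Exception as exc:  # truncated download, HTML error page, bad XML
        return [f"not a valid plist: {exc}"]
    if not isinstance(job, dict):
        return ["top-level object is not a dict"]
    findings = []
    args = job.get("ProgramArguments")
    if args != EXPECTED_ARGS:
        findings.append(f"unexpected ProgramArguments: {args!r}")
    # Any extra launchd key changes when or how the job runs, so report it.
    for key in sorted(set(job) - ALLOWED_KEYS):
        findings.append(f"unexpected key {key!r}: {job[key]!r}")
    label = job.get("Label")
    if not isinstance(label, str) or not label:
        findings.append("missing or empty Label")
    return findings


def sample_plist(**overrides) -> bytes:
    """Build a constructed sample plist; overrides replace or add keys."""
    job = {"Label": "ssh-add-a", "ProgramArguments": ["ssh-add", "-A"],
           "RunAtLoad": True}
    job.update(overrides)
    return plistlib.dumps(job)


if __name__ == "__main__":
    # With a path argument, audit that file; otherwise use a constructed sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            results = audit_launch_agent(fh.read())
    else:
        results = audit_launch_agent(sample_plist(StartInterval=60))
    print("\n".join(results) or "OK: matches the expected ssh-add -A job")
    sys.exit(1 if results else 0)
```

Run it with the path of the downloaded file as the only argument; a non-zero exit status means the file differs from the job shown above.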
If you have issues with ssh-add: illegal option -- K after using the ssh-add -K command, you may use the full path of the command