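Avoid entering the SSH key passphrase on every login
When you log in from one Linux server to another using key-based authentication, and a passphrase was set when the key was created, you are prompted for the passphrase on every login, which is inconvenient.
One way to solve this is ssh-agent, which holds the unlocked key so the passphrase only has to be entered once.
Adding or changing the passphrase:
You can add or change the passphrase on an existing key: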
$ ssh-keygen -p
Enter file in which the key is (/Users/tekkub/.ssh/id_rsa):
Key has comment '/Users/tekkub/.ssh/id_rsa'
Enter new passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved with the new passphrase.
If id_rsa already has a passphrase, you will be asked for the old passphrase.
Running ssh-agent automatically at every login:
Edit the user's ~/.profile or ~/.bashrc and add the following:
SSH_ENV="$HOME/.ssh/environment"
# start the ssh-agent
function start_agent {
    echo "Initializing new SSH agent..."
    # spawn ssh-agent
    ssh-agent | sed 's/^echo/#echo/' > "$SSH_ENV"
    echo succeeded
    chmod 600 "$SSH_ENV"
    . "$SSH_ENV" > /dev/null
    ssh-add
}
# test for identities
function test_identities {
    # test whether standard identities have been added to the agent already
    ssh-add -l | grep "The agent has no identities" > /dev/null
    if [ $? -eq 0 ]; then
        ssh-add
        # $SSH_AUTH_SOCK broken so we start a new proper agent
        if [ $? -eq 2 ]; then
            start_agent
        fi
    fi
}
# check for running ssh-agent with proper $SSH_AGENT_PID
if [ -n "$SSH_AGENT_PID" ]; then
    ps -ef | grep "$SSH_AGENT_PID" | grep ssh-agent > /dev/null
    if [ $? -eq 0 ]; then
        test_identities
    fi
# if $SSH_AGENT_PID is not properly set, we might be able to load one from
# $SSH_ENV
else
    if [ -f "$SSH_ENV" ]; then
        . "$SSH_ENV" > /dev/null
    fi
    ps -ef | grep "$SSH_AGENT_PID" | grep -v grep | grep ssh-agent > /dev/null
    if [ $? -eq 0 ]; then
        test_identities
    else
        start_agent
    fi
fi
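If your key file does not use the default name or path, modify the ssh-add command lines and append the key file name to them. After each login you will see one additional ssh-agent process.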
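As an added example (not part of the original post), the functions below load non-default key files only when the agent does not already hold them, comparing the exact fingerprint field of `ssh-add -l` rather than grepping for a message. The function names and the key paths in the usage comment are hypothetical.

```sh
# fingerprint_of LINE
# Print the fingerprint (2nd field) of one `ssh-keygen -lf` / `ssh-add -l`
# output line, which has the form: <bits> <fingerprint> <comment> (<type>)
fingerprint_of() {
    printf '%s\n' "$1" | awk '{print $2}'
}

# key_loaded FINGERPRINT LISTING
# Succeed only if LISTING (the output of `ssh-add -l`) has a line whose
# fingerprint field equals FINGERPRINT exactly (no substring matches).
key_loaded() {
    printf '%s\n' "$2" | awk -v fp="$1" '$2 == fp {found=1} END {exit !found}'
}

# add_missing_keys KEYFILE...
# Add each key file to the running agent unless it is already loaded.
# The body runs in a subshell so its variables do not leak into the login shell.
add_missing_keys() (
    listing=$(ssh-add -l 2>/dev/null)
    status=$?
    # ssh-add exit status: 0 = keys listed, 1 = no identities,
    # 2 = the agent could not be contacted (SSH_AUTH_SOCK unset or stale)
    if [ "$status" -eq 2 ]; then
        echo "no usable agent; start one before adding keys" >&2
        return 2
    fi
    for key in "$@"; do
        # ssh-keygen -l reads the public half, so no passphrase prompt here
        line=$(ssh-keygen -lf "$key" 2>/dev/null) || {
            echo "skipping unreadable key: $key" >&2
            continue
        }
        if key_loaded "$(fingerprint_of "$line")" "$listing"; then
            echo "already loaded: $key"
        else
            ssh-add "$key"    # asks for this key's passphrase once
        fi
    done
)

# Usage in ~/.bashrc after the agent is running (hypothetical paths):
# add_missing_keys "$HOME/.ssh/id_deploy" "$HOME/.ssh/id_backup"
```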