The ssh-add command is used to add private keys to the ssh-agent’s cache. The ssh-agent is a program that runs on your local machine and stores your ssh keys. The keys are then used to authenticate you when you connect to a remote server using ssh. By default, ssh will look for your keys in the ~/.ssh directory. However, if you have a passphrase on your key, you will need to enter it each time you use the key. This is where ssh-add comes in. It adds your key to the ssh-agent’s cache so that you only need to enter your passphrase once.
Overview
The ssh-add command has a few different options that can be used to add keys to the ssh-agent’s cache. Here are some examples:
# Add the default key (~/.ssh/id_rsa)
ssh-add
# Add a specific key
ssh-add ~/.ssh/my_key
# Add a key with a passphrase
ssh-add -K ~/.ssh/my_key
The first example will add the default key (~/.ssh/id_rsa) to the ssh-agent’s cache. The second example will add a specific key (~/.ssh/my_key) to the cache. The third example will add a key (~/.ssh/my_key) to the cache and store the passphrase in your keychain (macOS only).
You can also use the -t option to specify how long the key should be added to the cache. For example, the following command will add the key for 1 hour:
ssh-add -t 3600 ~/.ssh/my_key
If you have multiple keys and want to list them, you can use the -l option:
ssh-add -l
If you want to remove a key from the cache, you can use the -d option:
ssh-add -d ~/.ssh/my_key
Options
The ssh-add command has the following options:
| Option | Description |
|---|---|
-t |
Set a lifetime for the key in seconds |
-l |
List the keys currently held by the agent |
-d |
Remove a key from the agent |
-K |
Store the passphrase in your keychain (macOS only) |
-E |
Specify a new passphrase when adding the key |
Troubleshooting tips
If you are having trouble adding a key to the ssh-agent’s cache, here are some things to check:
- Make sure the key exists and is in the correct location (
~/.ssh/by default). - Make sure the key has the correct permissions (
chmod 600 ~/.ssh/my_key). - Make sure the ssh-agent is running (
eval "$(ssh-agent -s)"). - Make sure the key is not already in the cache (
ssh-add -l). - If you have a passphrase on your key, make sure you enter it correctly.
Notes
- If you use
ssh-addto add a key to the ssh-agent’s cache, it will only be available until you log out or restart your computer. To make it persistent, you can add the key to your ssh config file (~/.ssh/config) or add it to the ssh-agent on startup. - If you have multiple keys and want to use a specific key for a connection, you can use the
-ioption with ssh (ssh -i ~/.ssh/my_key user@host).