How to use the command `ssh-add` (with examples)
The ssh-add command is used to manage loaded ssh keys in the ssh-agent. The ssh-agent is a program that is used to hold private keys that are used for public key authentication. It acts as a “gatekeeper” for these keys, allowing users to securely use the keys without having to enter their passphrase every time. The ssh-add command allows users to add, list, and delete keys from the ssh-agent.
Use case 1: Add the default ssh keys in ~/.ssh to the ssh-agent
Code:
ssh-add
Motivation:
The motivation for using this command is to add the default ssh keys located in the ~/.ssh directory to the ssh-agent. This allows you to use the ssh keys for authentication without having to repeatedly enter the passphrase.
Explanation:
This particular use case does not require any arguments. By running ssh-add without any arguments, the command will add the default ssh keys located in the ~/.ssh directory to the ssh-agent.
Example output:
Identity added: /Users/user/.ssh/id_rsa (/Users/user/.ssh/id_rsa)
Identity added: /Users/user/.ssh/id_dsa (/Users/user/.ssh/id_dsa)
Use case 2: Add a specific key to the ssh-agent
Code:
ssh-add path/to/private_key
Motivation: The motivation for using this example is to add a specific private key to the ssh-agent. This is useful when you have multiple private keys and want to selectively load them into the ssh-agent.
Explanation:
In this use case, you need to specify the path to the private key that you want to add to the ssh-agent. Replace path/to/private_key with the actual path to the private key file.
Example output:
Identity added: path/to/private_key (path/to/private_key)
Use case 3: List fingerprints of currently loaded keys
Code:
ssh-add -l
Motivation: The motivation for using this example is to list the fingerprints of the currently loaded keys in the ssh-agent. This is useful for checking which keys are currently active in the ssh-agent.
Explanation:
The -l option is used to list the fingerprints of the currently loaded keys in the ssh-agent.
Example output:
2048 SHA256:abcdefgh... /Users/user/.ssh/id_rsa (RSA)
1024 SHA256:ijklmnop... /Users/user/.ssh/id_dsa (DSA)
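The listing printed by ssh-add -l can also be checked against a key policy. The script below is an added example, not part of the original page: it parses that listing and flags DSA keys and short RSA keys. The MIN_RSA_BITS threshold, the function names and the sample lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the key list printed by `ssh-add -l`.
# MIN_RSA_BITS is an assumed local policy value, not an OpenSSH default.
MIN_RSA_BITS="${MIN_RSA_BITS:-2048}"

# Reads `ssh-add -l` lines on stdin: "<bits> <fingerprint> <comment...> (<TYPE>)".
# Prints one verdict per key; returns 1 if any key is flagged, 0 otherwise.
audit_agent_keys() {
    awk -v min_rsa="$MIN_RSA_BITS" '
        # Empty-agent message: nothing to audit.
        /^The agent has no identities/ { print "EMPTY no keys loaded"; next }
        # Skip anything that is not a key line (e.g. connection errors).
        $1 !~ /^[0-9]+$/ || NF < 3 { next }
        {
            bits = $1 + 0; fp = $2
            type = $NF; gsub(/[()]/, "", type)   # last field is "(TYPE)"
            reason = ""
            if (type == "DSA") reason = "DSA is disabled by default in current OpenSSH"
            else if (type == "RSA" && bits < min_rsa) reason = "RSA modulus below " min_rsa " bits"
            if (reason != "") { printf "WEAK %s %s %d: %s\n", fp, type, bits, reason; weak = 1 }
            else printf "OK   %s %s %d\n", fp, type, bits
        }
        END { exit weak ? 1 : 0 }
    '
}

# Constructed sample (not real fingerprints), shaped like the output above.
# The third line has a comment containing spaces, which the parser must tolerate.
sample_listing() {
    cat <<'EOF'
2048 SHA256:abcdefgh... /Users/user/.ssh/id_rsa (RSA)
1024 SHA256:ijklmnop... /Users/user/.ssh/id_dsa (DSA)
256 SHA256:qrstuvwx... user@laptop work key (ED25519)
EOF
}

# Against a live agent:  ssh-add -l | audit_agent_keys
```

A key flagged as WEAK can be removed from the agent with ssh-add -d, as described in use case 4.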
Use case 4: Delete a key from the ssh-agent
Code:
ssh-add -d path/to/private_key
Motivation: The motivation for using this example is to delete a specific key from the ssh-agent. This is useful when you no longer want to use a particular key for authentication.
Explanation:
In this use case, you need to specify the path to the private key that you want to delete from the ssh-agent. Replace path/to/private_key with the actual path to the private key file.
Example output:
Identity removed: path/to/private_key (path/to/private_key)
Use case 5: Delete all currently loaded keys from the ssh-agent
Code:
ssh-add -D
Motivation: The motivation for using this example is to delete all currently loaded keys from the ssh-agent. This is useful when you want to remove all keys from the ssh-agent at once.
Explanation:
The -D option is used to delete all currently loaded keys from the ssh-agent.
Example output:
All identities removed.
Use case 6: Add a key to the ssh-agent and the keychain
Code:
ssh-add -K path/to/private_key
Motivation: The motivation for using this example is to add a specific key to both the ssh-agent and the keychain. This is useful when you want to store the private key in both places for convenient access.
Explanation:
In this use case, you need to specify the path to the private key that you want to add to the ssh-agent and the keychain. Replace path/to/private_key with the actual path to the private key file. The -K option is used to add the key to both the ssh-agent and the keychain.
Example output:
Identity added: path/to/private_key (path/to/private_key)
Conclusion:
The ssh-add command is a versatile tool for managing ssh keys in the ssh-agent. It allows you to add, list, and delete keys from the ssh-agent conveniently. By understanding and utilizing the different use cases, you can effectively manage your ssh keys and enhance the security of your authentication process.