Mothers Ruin Software

Initialize Your SSH Agent From the Apple Keychain

Starting in Mac OS X 10.5, Apple provides built-in integration of ssh-agent with the Keychain, and SSHChain is no longer needed. See here for details.

The SSH package provided with Mac OS X includes a utility called ssh-agent. The purpose of ssh-agent is to hold your SSH identities in memory, so that you don't have to repeatedly enter your passphrase for every SSH-related command. You run ssh-agent once, enter your passphrase(s) once, and it takes care of the rest.

Unfortunately, the usual provisions for starting ssh-agent are designed for X11-based windowing systems, and don't integrate too well with Mac OS X. (In particular, they assume that you have a root session which can run user-specified programs, and from which all other processes will inherit their environment. There is also the problem of how to get your passphrases to ssh-agent.)

With the SSHChain utility, you can add your SSH identities and passphrases to the Apple Keychain, and have ssh-agent load automatically each time you log in. The agent will then be available to whatever processes you launch. SSHChain will also terminate the agent when you log out, so that unused agents are not left running.

Because SSHChain requires access to your Keychain, it is being released as free software, licensed under the GNU GPL. The source code and project files are available here.

Mothers Ruin Software