I set up my ssh stuff with the help of this guide, and it used to work well (I could run hg push without being asked for a passphrase). What could have happened between then and now, considering that I’m still using the same home directory.
$ cat .hg/hgrc [paths] default = ssh://<a href="https://getridbug.com/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="f69e91b6949f829483959d9382d8998491">[email protected]</a>/tshepang/bloog $ hg push Enter passphrase for key '/home/wena/.ssh/id_rsa': pushing to ssh://<a href="https://getridbug.com/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="dab2bd9ab8b3aeb8afb9b1bfaef4b5a8bd">[email protected]</a>/tshepang/bloog searching for changes ...
Answers:
Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.
Method 1
You need to use an ssh agent. Short answer: try
$ ssh-add
before pushing. Supply your passphrase when asked.
If you aren’t already running an ssh agent you will get the following message:
Could not open a connection to your authentication agent.
In that situation, you can start one and set your environment up thusly
eval $(ssh-agent)
Then repeat the ssh-add command.
It’s worth taking a look at the ssh agent manpage.
Method 2
A way to solve this is with ssh-agent and ssh-add:
$ exec ssh-agent bash $ ssh-add Enter passphrase for ~/.ssh/id_rsa:
After this the passphrase is saved for the current session. and won’t be asked again.
Method 3
Create (or edit if it exists) the following ~/.ssh/config file:
Host *
UseKeychain yes
AddKeysToAgent yes
IdentityFile ~/.ssh/id_rsa
Method 4
I use Keychain for managing ssh keys. It is also available in Debian and so presumably Ubuntu with
apt-get install keychain
Here is the Debian keychain package page. As you can see, the project is not very active, but works for me. I also commented a bit about this in another answer here
Method 5
For convenience, the optimal method is a combination of the answers of jmtd and Faheem.
Using ssh-agent alone means that a new instance of ssh-agent needs to be created for every new terminal you open. keychain when initialized will ask for the passphrase for the private key(s) and store it. That way your private key is password protected but you won’t have to enter your password over and over again.
The Arch wiki recommends initializing keychain from /etc/profile.d/ or your shell profile, such as .bash_profile or .bashrc. This has a disadvantage in that it intializes your keychain as soon as you open a terminal.
A more flexible approach is to combine keychain with a specific tmux session. So, in .bash_profile:
tsess=$(tmux ls 2>&1)
if [[ "${tsess%%:*}" = "secured" ]] &&
[[ -f $HOME/.keychain/$HOSTNAME-sh ]]; then
# start keychain
/usr/bin/keychain -Q -q --nogui ~/.ssh/id_rsa
. $HOME/.keychain/$HOSTNAME-sh
fi
…and then it is just a case of starting the secured tmux session as and when required (launched from a keybind):
#!/bin/bash
PID=$(pgrep tmux)
new="tmux -f $HOME/.tmux/conf new -s secured"
old="tmux attach -t secured -d"
if [[ -z "$SSH_AUTH_SOCK" ]]; then
eval `ssh-agent`
trap "kill $SSH_AGENT_PID" 0
fi
if [[ -z "$PID" ]]; then
urxvtc -title "SSH" -e sh -c "${new}"
else
urxvtc -title "SSH" -e sh -c "${old}"
fi
ssh-add
Now, your keychain will only be initialized once when you start that specific tmux session. As long as that session persists, you will be able to access those ssh keys and push to your remote repositories.
Method 6
You can use sshpass:
$ sudo apt-get install sshpass $ sshpass -p 'password' ssh <a href="https://getridbug.com/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="94e1e7f1e6faf5f9f1d4e7f1e6e2f1e6">[email protected]</a>
You just need to add sshpass -p yourpassphrase before appending your usual ssh command.
All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0