ssh-add
Store identity passphrase in keychain
The copy of OpenSSH bundled with macOS exposes a couple of additional options for managing identities:
--apple-load-keychain
(formerly-A
, deprecated in Monterey) adds all identities with passphrases stored in Keychain.--apple-use-keychain
(formerly-K
, deprecated in Monterey) stores passphrase in the Keychain.
You can avoid invoking ssh-add -A
by adding the following stanza to ~/.ssh/config
:
Host *
IgnoreUnknown UseKeychain
AddKeysToAgent yes
UseKeychain yes
Items
Keychain items used for storage of identity passphrases are named SSH: /file/name
. The private key filename is also stored in the Account field.