One of the Mac’s best features for tech types has been disabled by default in Sierra: being able to save the passphrase for an SSH public-private key pair in the macOS keychain.
If you don’t know what that means, then you probably don’t need to worry about it. But if you do, it means that you’ll need to type the SSH passphrase every single time you use ssh or scp (unless you want to take the considerably less secure route of using a key pair that doesn’t have a passphrase). Not having to do this is one of the reason I prefer macOS to, say, Linux.
Fortunately, there’s still a way to get passphrases saved. In /etc/ssh/ssh_config
, you’ll find a section that says Host *
. Under that, add a line, indented, that says UseKeychain yes
. (You can use a free editor such as TextWrangler to edit it, or use sudo nano /etc/ssh/ssh_config
from the Terminal.) I suggest you make a backup copy of your ssh_config file first.
Alternatively, paste the following into Terminal window to edit your ssh_config file automatically:
grep -q 'UseKeychain yes' /etc/ssh/ssh_config || \ sudo sed -i '' 's/^Host \*/Host *\'$'\n UseKeychain yes/' \ /etc/ssh/ssh_config
Once you’ve done that, passphrases will be saved after you enter them successfully, and you won’t need to enter them subsequently. Unlike before, where you would get a full system dialog asking you for the passphrase and the option to save it in your keychain, you’ll now just get prompted in the Terminal window as usual. However, your entry will be silently saved in to your local keychain.