Caching Private SSH Keys

About

Caching private SSH keys into memory key slots can help the SSH clients to employ those keys transperantly to the user. Once the keys are loaded into the slots, there is no need to provide manually the key identity and decryption password when establishing a new SSH session.

Linux/macOS

By default, both Linux and macOS have OpenSSH client package installed and an SSH key agent is included in that package. SSH agent starts with the start of the desktop session. To cache all private keys available under ~/.ssh folder, just type:

ssh-add

and provide the key decryption password(s). Afterward, those keys will be kept cached until the termination of the SSH agent process or until the desktop session that owns the PID of the agent is closed.

Warning

SSH agent on Linux and macOS supports SSH private keys in OpenSSH format. If you need to convert your private SSH key from PuTTY into OpenSSH format (that is usually the case if the key pair is generated on Windows desktop system and then brought as a file into Linux/macOS desktop environment), follow the procedure recommended in Convert PuTTY SSH Key Into OpenSSH Format.

If you want to be key-specific and load only certain private SSH key(s), provide the path to the file(s):

ssh-add ~/.ssh/id_ecdsa

Windows (PuTTY/Pagean)

Note

Pageant is an SSH key agent that supports PuTTY for Windows. It is included in the full PuTTY installation. You need to have the latest PuTTY installed along with its tools (Pageant is one of those tools). The PuTTY installer is available at:

https://www.putty.org/

Warning

Pageant supports SSH private keys in PuTTY format. If you need to convert your private SSH key from OpenSSH into PuTTY format (that is usually the case if the key pair is generated on Linux or macOS desktop system and then brought as a file into Windows desktop environment), follow the procedure recommended in Convert OpenSSH Key Into PuTTY Format.

To run Pageant go to the search bar of Windows, type there “pageant” (1), and click on the application icon (2):

_images/puttygen_19.png

Upon its successful start, Pageant will diplay its icon in the tray bar:

_images/puttygen_20.png

  • Load (cache) a private SSH key into the memory

    Click once onn the Pageant icon with the right button of the mouse and select “Add Key” in the menu:

    _images/puttygen_21.png

    and select the file that contains the private SSH key in PuTTY format:

    _images/puttygen_22.png

    Provide the correct password for encrypting the private SSH key:

    _images/puttygen_23.png

    Upon success, the private SSH key will be stored into the memory key slots operated by Pageant.

  • Preview or remove cached keys

    Click once on the Pageant icon with the right button of the mouse and select “View Keys” in the menu:

    _images/puttygen_24.png

    A newly open window will display the cached keys:

    _images/puttygen_25.png

Note

If you need to remove any of the cached keys, just select that key in the list and then press the button “Remove”.

Getting help

See Getting help