How to Save Your SSH Key Passphrase to Your Apple Keychain On MacOS

How to Save Your SSH Key Passphrase to Your Apple Keychain On MacOS

Did you just upgrade macOS only to find that when you’re pushing or pulling changes from GitHub, it’s requesting you to “Enter passphrase for key ‘/Users/username/.ssh/id_ed25519’:” where username is your username and id_ed25519 is your private key.

Frustrated because all the guides on saving your SSH key passphrase to your Apple Keychain are outdated or missing key instructions? Been there, done that — that’s why this tutorial exists.

So how do I fix this?

How to Store Your SSH Private Key Passphrase in Your Apple Keychain

Open up the Terminal application under FinderApplicationsUtilitiesTerminal

If you’re using macOS Monterey or macOS Ventura, type this into Terminal:

ssh-add --apple-use-keychain --apple-load-keychain ~/.ssh/id_ed25519

Where id_ed25519 is your private key. Hit the return key once you verify you’re using the correct private key.

In macOS Sierra or older, type this into Terminal:

ssh-add -KA ~/.ssh/id_rsa

Again, id_rsa should be your private key. Verify this, then hit return.

Enter your private key passphrase, and you shouldn’t be asked for it again as long as you follow the directions in the next section.

How to Configure Your SSH-Agent to Always Use Your Apple Keychain

If your operating system is older than macOS Sierra, you don’t need to follow this step.

Unfortunately, macOS Sierra and above eliminated the behavior of retaining your keys between logins, and the SSH update now bypasses the keychain by default.

Follow the steps below to fix this issue:

Make sure you’ve correctly followed the instructions on How to Store Your SSH Key Passphrase in Your Apple Keychain above. Just try pushing or pulling from GitHub and see if it still prompts you for your private key passphrase.

You’ll need Terminal again for the following commands. So reopen it if you’ve closed it.

Make sure you have a ~/.ssh/config file. You can check this by entering the test -f ~/.ssh/config && echo "File exists." into Terminal.

If the words “File exists.” aren’t returned by the previous command, create a file named config. You can do this by typing touch ~/.ssh/config and hitting the return key.

Now enter nano -w ~/.ssh/config into Terminal and make sure the file looks like this:

Host *.github.com
    UseKeychain yes
    AddKeysToAgent yes
    IdentityFile ~/.ssh/id_ed25519

Change ~/.ssh/id_ed25519to the actual filename of your private key. If you have other private keys in your ~/.ssh directory, add an IdentityFile line for each. For example, if you have an old private key like id_rsa, add IdentityFile ~/.ssh/id_rsa.

Don’t forget the UseKeychain yes part as it instructs SSH to fetch the key passphrase from your Apple keychain.

If you wish to save your SSH key passphrase for all hosts (not just GitHub), change the Host *.github.com line to Host *

Now you will close and save your SSH config file: hit control x to exit, then type y, and hit return to save your changes.

Congratulations!

Your SSH connections will now use the specified private keys, and the passphrases will be fetched from your Apple keychain. Say goodbye to having to type your SSH private key passphrase every single time you interact with GitHub.

More Hyperion360 Articles

How to Recognize Business Opportunities and Validate Your Ideas

How to Recognize Business Opportunities and Validate Your Ideas

With the rapid advancements in technology and the increasingly interconnected global marketplace, the world is teeming with opportunities for aspiring entrepreneurs.

Read More
How to Choose a Staff Augmentation Firm

How to Choose a Staff Augmentation Firm

Are you struggling to find the right talent to fill your company’s technical positions?

Read More
How to Build a Unicorn Startup 🦄

How to Build a Unicorn Startup 🦄

In my many years spent working at startups, high growth businesses have always been my passion.

Read More