Hacker News new | past | comments | ask | show | jobs | submit login

That would actually be (GUI, it doesn't work like this actually, I think, but what I want would look the same) ideal: you don't get my ssh key. You get an ssh session arranged for by the keychain. Too bad it's probably too much work for something not enough people use (and those who use it are generally security-conscious enough to avoid malware on their own).



If you call `ssh` on the command line it will use Keychain to unlock your private SSH key.

That part is done. The application shouldn't be asking for SSH keys, it is completed already. Just use `ssh` as you would before.


And if you type 'ssh-add' you'll only have to enter your passphrase once. I think this all got sorted out beginning with Leopard; before that, it may not have worked as expected (compared to other *NIX environments).


ssh-agent has shipped from the very beginning (that's part of the ssh distribution). The only thing that was different was that it wasn't bridged to the system keychain until recently. Or more accurately, the system keychain now runs its own version of ssh-agent automatically.


Yeah, I just checked up on the man page, and the agent actually works the way I'd want it to. So it's just a question if a sandboxed app has access to the agent.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: