Projects / keychain

keychain

keychain helps you to manage ssh keys in a convenient and secure manner. It acts as a frontend to ssh-agent and gpg-agent, but allows you to easily have one long running ssh-agent process per system, rather than the norm of one ssh-agent per login session. This dramatically reduces the number of times you need to enter your passphrase. With keychain, you only need to enter a passphrase once every time your local machine is rebooted. keychain also makes it easy for remote cron jobs to securely "hook in" to a long running ssh-agent process, allowing your scripts to take advantage of key-based logins.

Tags
Licenses
Operating Systems
Implementation

Recent releases

  •  23 May 2010 19:40

    Release Notes: A GPG fix for pinentry issues (Gentoo bug 203871). A Mac OS X documentation fix. Makefile updates. The archive now includes a pre-generated script and man pages.

    •  25 Oct 2009 03:56

      Release Notes: The color scheme, output formatting, and the --quiet option were improved. The lockfile() implementation was simplified for smaller code. A new Mac OS X package was added.

      •  06 Aug 2009 20:06

        Release Notes: Potential issues with GNU grep were fixed. A Mac OS X color problem when called with --eval was fixed. The Perl 5.10 Makefile was fixed. The README file was changed to README.rst (reStructuredText). The maintainership information was updated. The default output was simplified, so --version or --help are now required to show version, copyright, and license information.

        •  26 Jul 2009 03:56

          Release Notes: Many compatibility fixes and improvements were made.

          •  25 Jul 2004 15:36

            Release Notes: A defunct ssh-agent processes is no longer mistaken as running.

            Recent comments

            14 Dec 2006 14:53 maxdakwing

            Great tool - good read
            I can only recommend the articles mentioned earlier, however it seems the URLs have changed -

            http://www-128.ibm.com/developerworks/library/l-keyc.html

            http://www-128.ibm.com/developerworks/library/l-keyc2/

            http://www-128.ibm.com/developerworks/library/l-keyc3/

            15 Jul 2003 13:51 ralfhauser

            how does this compare to win-ssh-askpass
            When using the ganaware.jp solution as per http://bugzilla.mindrot.org/show_bug.cgi?id=496#c6 (http://bugzilla.mindrot.org/show_bug.cgi?id=496#c6) and c8, I only have to enter my passwords once for all the cygwin logins I have under my one windows user session - is the ganaware solution therefore a win32 equivalent?

            15 Jul 2003 13:46 ralfhauser

            idle timeout like screen saver with password
            for end users, it may be important that my ssh-tunnels are only operational as long as I am logged on to my machine via the terminal.

            Does keychain have such an option or do I have to wait until http://bugzilla.mindrot.org/show_bug.cgi?id=496 (http://bugzilla.mindrot.org/show_bug.cgi?id=496) is available from ssh directly?

            21 Nov 2002 19:42 Stalione

            A great tool if used wisely
            Anyone looking into key based authentication into their boxes should definitly look into this software. Also I highly suggest that you read the three part series called "OpenSSH key management" by Daniel at the IBM website.
            http://www-106.ibm.com/developerworks/linux/library/l-keyc1/
            http://www-106.ibm.com/developerworks/linux/library/l-keyc2/
            http://www-106.ibm.com/developerworks/linux/library/l-keyc3/


            I am looking forward to implementing key based authentication on all our servers in the datacenter (after testing of course ;-) )
            Also do note that the article was writted for ver 1.0. As I write this note keychain is at version 2. So don't follow the article blindly (just like any other document). Make sure you read keychain --help and the Readme.

            Screenshot

            Project Spotlight

            OpenStack4j

            A Fluent OpenStack client API for Java.

            Screenshot

            Project Spotlight

            TurnKey TWiki Appliance

            A TWiki appliance that is easy to use and lightweight.