keychain helps you manage SSH keys in a convenient and secure manner. It acts as a frontend to ssh-agent and gpg-agent, but lets you easily run one long-running ssh-agent process per system, rather than the usual one ssh-agent per login session. This dramatically reduces the number of times you need to enter your passphrase. With keychain, you only need to enter a passphrase once each time your local machine is rebooted. keychain also makes it easy for remote cron jobs to securely "hook in" to a long-running ssh-agent process, allowing your scripts to take advantage of key-based logins.
| Tags | Security Utilities |
|---|---|
| Licenses | GPLv2 |
| Operating Systems | POSIX Linux FreeBSD Mac OS X |
| Implementation | shell script |

Recent releases


Release Notes: A GPG fix for pinentry issues (Gentoo bug 203871). A Mac OS X documentation fix. Makefile updates. The archive now includes a pre-generated script and man pages.


Release Notes: The color scheme, output formatting, and the --quiet option were improved. The lockfile() implementation was simplified for smaller code. A new Mac OS X package was added.


Release Notes: Potential issues with GNU grep were fixed. A Mac OS X color problem when called with --eval was fixed. The Perl 5.10 Makefile was fixed. The README file was changed to README.rst (reStructuredText). The maintainership information was updated. The default output was simplified, so --version or --help are now required to show version, copyright, and license information.


Release Notes: Many compatibility fixes and improvements were made.


Release Notes: A defunct ssh-agent process is no longer mistaken as running.

Recent comments
14 Dec 2006 14:53
Great tool - good read
I can only recommend the articles mentioned earlier, however it seems the URLs have changed -
15 Jul 2003 13:51
how does this compare to win-ssh-askpass
When using the ganaware.jp solution as per bugzilla.mindrot.org/s... and c8, I only have to enter my passwords once for all the Cygwin logins I have under my one Windows user session - is the ganaware solution therefore a win32 equivalent?
15 Jul 2003 13:46
idle timeout like screen saver with password
For end users, it may be important that my ssh-tunnels are only operational as long as I am logged on to my machine via the terminal.
Does keychain have such an option or do I have to wait until bugzilla.mindrot.org/s... is available from ssh directly?
21 Nov 2002 19:42
A great tool if used wisely
Anyone looking into key-based authentication into their boxes should definitely look into this software. Also I highly suggest that you read the three-part series called "OpenSSH key management" by Daniel at the IBM website.
www-106.ibm.com/develo...
www-106.ibm.com/develo...
www-106.ibm.com/develo...
I am looking forward to implementing key-based authentication on all our servers in the datacenter (after testing of course ;-) )
Also do note that the article was written for ver 1.0. As I write this note keychain is at version 2. So don't follow the article blindly (just like any other document). Make sure you read keychain --help and the Readme.