How To Add Ssh Key To Keychain

When you create a new instance in EC2, you'll be given a PEM file that acts as your access key. You'll take to use this to SSH into the server, and then you'll want to add it to your keychain for piece of cake admission.

How To Utilize Your PEM File

You can use PEM files manually by calculation the -i flag to ssh:

ssh -i keyfile.pem user@host

This is unwieldy to type every fourth dimension, so there are a few means to fix this.

The simplest method would exist to add your own public keys to your EC2 instance, and ignore the PEM file for all future logins. Your public primal is normally stored in ~/.ssh/id_rsa.pub, and then you'll want to copy that into the ~/.ssh/authorized_keys file on the server. If you're a 1 man team simply running one server, and don't listen doing this each time, this is all you have to do.

Notwithstanding, you'll have to become through this process each time yous create a new instance. Just with PEM files, you tin reuse them betwixt instances. Too, they're independent of your personal individual keys, so you can give them to other people who demand ssh access.

The ssh-add together command will store a key in your SSH amanuensis until you log out:

ssh-add ~/keyfile.pem

However, you lot'll need to run this on every reboot, and then information technology's not platonic. You tin add this to your ~/.bashrc or ~/.bash_profile to run every time yous boot upward the terminal, which solves the result. Make sure to redirect output to /dev/goose egg to silence the command, or you lot'll see "Identity Added" every fourth dimension you open up the final.

ssh-add ~/keyfile.pem >/dev/null 2>&i

RELATED: What is SSH Agent Forwarding and How Exercise You Use It?

Store SSH Keys In macOS Keychain

If y'all're on macOS, you can store additional SSH keys in the macOS Keychain. Open up ~/.ssh/config and add the following lines:

Host * UseKeychain yes

You can now add keys with

ssh-add -K ~/keyfile.pem

The keys will be stored in the keychain and persist beyond reboots. They volition be automatically loaded just similar ~/id_rsa.

Replace id_rsa With Your New Key

While this option does work, it'due south non really something we recommend. Only, if for some reason you actually want your AWS individual key to exist your new personal private cardinal, yous can replace id_rsa with the PEM file from AWS. id_rsa is loaded past default, so y'all'll default to using this cardinal for everything.

Make absolutely certain you aren't using your electric current private key for annihilation (SSH to other servers, GitHub, etc). Even if you lot think you lot aren't, you should back up your current SSH keys before proceeding:

mv ~/.ssh/id_rsa ~/.ssh/id_rsa_old mv ~/.ssh/id_rsa.pub ~/.ssh/id_rsa_old.pub

The AWS PEM file needs to exist converted to PKCS8 format to be used every bit a private cardinal. You lot tin exercise this with OpenSSL:

openssl pkey < keyfile.pem > keyfile.pkcs8

Then, you'll need to generate the corresponding public key, again using OpenSSL

openssl rsa -in keyfile.pkcs8 -pubout > keyfile.pub

Then, making certain you've backed upwards your sometime id_rsa, y'all can supercede them with your new ones:

mv keyfile.pkcs8 ~/.ssh/id_rsa mv keyfile.pub ~/.ssh/id_rsa.pub

How To Add Ssh Key To Keychain,

Source: https://www.howtogeek.com/devops/how-to-add-your-ec2-pem-file-to-your-ssh-keychain/

Posted by: smithtrate1937.blogspot.com

Share this post