Keychain

Keychain

OpenBSD, Linux

Need a small and smart utility to manage you ssh keys under linux ? got some scripts and cronjobs which requires an local ssh key ? have a look at keychain !

Install Software

depending on your OS …

macos$ brew install keychain
debian$ sudo apt-get install keychain
openbsd$ pkg_add keychain
freebsd$ pkg install keychain

edit startup Scripts

$HOME/.bashrc $HOME/.bash_profile /etc/profile $HOME/.profile

cat << 'EOF' >> $HOME/.bashrc
# Keychain Startup
eval `keychain --eval id_ed25519`
EOF

check service

$ keychain
$ ssh-add -L

add to .profile

cat << 'EOF' >> .profile

# Keychain Loaded ? Load and show Key ...
eval $(keychain --eval id_ed25519)
echo -e "loaded keys: `ssh-add -L |cut -c 1-12,77-`\n"
EOF

List Keys

keychain --list

List Finterprints (Public Key ?)

$ keychain --list-fp

Set Timeout

Timeout for SSH Agent

Ed25519

Security

like ssh and secure keys ?

Generate Secure Key

ssh-keygen -o -a 100 -t ed25519 -C "MyFamousComment"
ssh-keygen -o -a 100 -t ed25519 -C "$(whoami)@$(hostname)"
ssh-keygen -o -a 100 -t ed25519 -C "$(whoami)@$(hostname) at $(date \"+%Y-%m-%d\")"
ssh-keygen -o -a 100 -t ed25519 -C "$(whoami)@$(hostname) at $(date \"+%Y-%m-%d %H:%M\")"

What’s ed25519 ?

Wikipedia about Curve25519

2^{{255}}-19

Distribute Key

ssh-copy-id user@remotehost

Connect to Remote

Connect to Remove without Agent Forwarding (use this unless you know what you’re dooing …)

ssh -a remotehost

Connect with Agent Forwarding

or if you need Agent Forwarding