ssh-agent on Mac OS X 10.5

For as long as I can remember, I’ve been using a tool called SSHKeychain on Mac OS X to manage ssh-agent and my identities, to make logging into remote servers secure, yet password-free.

Lately, however, something has changed and SSHKeychain isn’t able to keep track of my keys. The result is that instead of rarely typing my passphrases, I’m doing it constantly. I think it started around the time I updated to 10.5.8.

Turns out that Leopard has much better support for ssh-agent built-in and SSHKeychain isn’t necessary. Dave Dribin’s blog lays it all out: ssh-agent on Mac OS X 10.5 and, for the security conscious, Securing ssh-agent on Mac OS X 10.5.

A couple of things to watch out for:

• If you are switching from SSHKeychain, remove the environment override for SSH_AUTH_SOCK from ~/.MacOSX/environment.plist.
• To get the GUI passphrase dialog and the option to save the passphrase in your keychain, you must use the system ssh, not one from Fink or MacPorts.