Mériam
Level 1 (4 points)
Mac OS X

Q: SSH keys not working after macOS Sierra Update

Hello, I have a problem to connect my servers with my previously stored private ssh keys in .ssh folder through terminal commands or third party apps. I should mention that I've enabled the filevault during the upgrade process. I can see that my passphases are stored in the keychain, but I need to enter my password every time I want to connect to the severs.

MacBook Pro with Retina display, macOS Sierra (10.12), null

Posted on Sep 27, 2016 8:23 AM

by Aghi,Solvedanswer
Aghi Aghi
Level 1 (14 points)
A:

Hello Mériam,

 

The problem is the ssh-agent does not automatically load passphrases on the keychain during startup.

 

> As you check the status of the ssh keys in the agent “ssh-add -l”. It shows the agent has no identities.

> You can add the old keys to the keychain by entering “ssh-add -K <keyfile>” again.  It prompts for the passphrase and saves them to the keychain.

> Now SSH authentication should works fine, but you need to run “ssh-add -A” after each logout/login OR just add “ssh-add -A” in your rc script to load the keys.

Posted on Oct 2, 2016 7:39 AM

Close
Mériam

Q: SSH keys not working after macOS Sierra Update

  • All replies
  • Helpful answers

  • by etresoft,

    etresoft etresoft Sep 27, 2016 8:25 AM in response to Mériam
    Level 7 (29,298 points)
    Mac OS X
    Sep 27, 2016 8:25 AM in response to Mériam

    Hello Mériam,

    Try creating a new ssh key. I think Sierra includes updated crypto logic and it doesn't like really old keys.

  • by Aghi,Solvedanswer

    Aghi Aghi Oct 2, 2016 7:39 AM in response to Mériam
    Level 1 (14 points)
    Oct 2, 2016 7:39 AM in response to Mériam

    Hello Mériam,

     

    The problem is the ssh-agent does not automatically load passphrases on the keychain during startup.

     

    > As you check the status of the ssh keys in the agent “ssh-add -l”. It shows the agent has no identities.

    > You can add the old keys to the keychain by entering “ssh-add -K <keyfile>” again.  It prompts for the passphrase and saves them to the keychain.

    > Now SSH authentication should works fine, but you need to run “ssh-add -A” after each logout/login OR just add “ssh-add -A” in your rc script to load the keys.