You are not logged in.
I'm new to Arch Linux and I'm having difficulty with the Git passphrase.
I created the SSH key via ssh-keygen and added it to GitHub following the guide to add it to the ssh-agent and ssh config file.
Now every time I boot my computer and open up my terminal the ssh-agent ask me the passphrase, but only the first time.
But when I do a pull/push operation from VSCode I need to enter my passphrase every time.
I was unable to fix using guide around the internet.
Can I ask some help?
Thanks a lot.
Offline
If when you created the key, you specified a passphrase, this is expected behaviour: Upon using the key, you are prompted for the passphrase.
A private key is a guarded secret and as such it is advisable to store it on disk in an encrypted form. When the encrypted private key is required, a passphrase must first be entered in order to decrypt it. While this might superficially appear as though you are providing a login password to the SSH server, the passphrase is only used to decrypt the private key on the local system. The passphrase is not transmitted over the network.
Source:
https://wiki.archlinux.org/title/SSH_keys#Background
If you don't want it to do that, when you create the key, leave the passphrase empty. But a word of caution, this carries much greater risk if your system is compromised and I would not advise it, particularly for accessing remote or sensitive services. See here:
It is also possible to create your private key without a passphrase. While this can be convenient, you need to be aware of the associated risks. Without a passphrase, your private key will be stored on disk in an unencrypted form. Anyone who gains access to your private key file will then be able to assume your identity on any SSH server to which you connect using key-based authentication. Furthermore, without a passphrase, you must also trust the root user, as they can bypass file permissions and will be able to access your unencrypted private key file at any time.
Source:
https://wiki.archlinux.org/title/SSH_ke … n_key_type
Last edited by Bink (2025-02-03 02:25:39)
Offline
If when you created the key, you specified a passphrase, this is expected behaviour: Upon using the key, you are prompted for the passphrase.
Thank for the reply! Then no problem about entering the password at startup of the computer.
Even if not related to Arch may I can ask, if possible, help about VSCode that asks me for the password at every push/pull? shouldn't it use the same ssh-agent?
Thanks
Offline
I don't know the specifics of your SSH setup, but if you look at https://wiki.archlinux.org/title/SSH_keys#SSH_agents there are instructions for setting up various different ssh-agents that will reduce the number of times you need to enter the passphrase for your SSH keys. (Usually you will need to enter it for the first usage, but the agent will keep track of it for subsequent uses).
EDIT: The list there is kinda daunting, so I would suggest using a desktop wallet (Kwallet, or the gnome equivalent) if you use GUI mostly, or if you use CLI heavily (or want to be able to use the agent through SSH) I would suggest the default OpenSSH agent, or GnuPG agent. (OpenSSH is much easier to configure if you don't already use GPG).
Last edited by Ethergeist (2025-02-07 01:37:21)
Offline
You can use keychain.
Offline