Saturday 04 March 2017

Keychain Not Saving SSH Key Passphrase in macOS Sierra by Default

Prior to macOS Sierra, ssh would present a dialog asking for your passphrase and would offer the option to store it into the keychain. This UI was deprecated some time ago and has been removed.

Instead, a new UseKeychain option was introduced in macOS Sierra allowing users to specify whether they would like for the passphrase to be stored in the keychain. This option was enabled by default on macOS Sierra, which caused all passphrases to be stored in the keychain.

This was not the intended default behavior, so this has been changed in macOS 10.12.2. To store passphrases in the keychain, set this option in your ssh configuration file:

UseKeychain yes

So that’s the reason. After upgrading to Sierra, I have to enter the passphrase manually every time I connect to a server via ssh in terminal. I keep wondering what kind of bug this is.

Add this small piece of code in ~/.ssh/config should fix this and make keychain enter the ssh passphrase automatically like before:

Host *
  UseKeychain yes