I recently set up key based ssh authentication for my workstation to a test server (running Centos 6) I have. The key based authentication works fine and I am able to log in just by entering a passphrase. In a quest to allow login without entering anything at all (except for the first time in a given server reboot session), I downloaded and configured keychain on my server. In this case it's on the root user but I plan on using it for other users and disabling root login completely (server is on a private network anyhow).
To my understanding, keychain allows you to access the server without entering a passphrase except the first time logging in between server reboots. I am showing that after first using keychain, it prompted me for a passphrase then keychain itself prompted me for a passphrase then it logged me in. On my second login (illustrated below), it still continues to ask me for my passphrase.
login as: root
Authenticating with public key "imported-openssh-key"
Passphrase for key "imported-openssh-key":
Last login: Wed Apr 8 17:35:54 2020 from 188.8.131.52
* keychain 2.8.0 ~ http://www.funtoo.org
* Found existing ssh-agent: 4023
* Known ssh key: /root/.ssh/id_rsa
If there a way to get this to not ask me for my passphrase or did I misconfigure anything? I haven't changed anything in the sshd_config so far.
Here's my .bash_profile and location of the key files:
root@server1 [~]# cat .bash_profile
# Get the aliases and functions
if [ -f ~/.bashrc ]; then
# User specific environment and startup programs
eval `keychain --agents ssh --eval id_rsa`
root@server1 [~]# find | grep id_rsa
I feel like i've tried everything at this point. Please let me know if i need to provide some more details. Thanks for the help!