Here’s a simple post of what worked for me:
- Don’t execute a ‘ssh-add -A’ at any point in this process. A lot of advice recommends this at various steps. It is not needed in my experience.
- Edit or create $HOME/.ssh/config, adding the following lines:
Host *
  AddKeysToAgent yes
  UseKeychain yes
If you already have a config file, add the two lines ending with ‘yes’ to the ‘Host *’ section. If you have different keys for different destinations, specify them in host-specific sections placed before the ‘Host *’ section. If you don’t know what I’m talking about, these exceptions don’t apply to you.
- For each of your private keys on your macOS host, do the following from the terminal:
/usr/bin/ssh-add -K $HOME/.ssh/id_dsa
… where ‘id_dsa’ is the name of each of your private key files, one file per command. The important part is that the ‘ssh-add’ command needs the full path to the private key files. If you get an error on the ‘-K’ option, try dropping it.
- Open your keychain properties on your macOS host and search for ssh. The keys you added should be listed with their full paths.
- From the terminal, execute the following:
/usr/bin/ssh-add -l
… to list your keys. It should return none of your keys. This is expected.
- SSH to a destination host that already has your public key in the $HOME/.ssh/authorized_keys file. It should work.
- From the terminal, list your keys again:
/usr/bin/ssh-add -l
At least one of your keys added above should be in the list.
This is an imperfect recipe. My MacBook Air is otherwise unavailable so I am working off of memory. I will replicate this on my home Mac Mini and edit this post for accuracy as I go.
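
An added example, not part of the original post: a shell function that checks a config file for the layout described above (a ‘Host *’ section carrying both options, with host-specific sections placed before it). The function name and the sample config are constructed for illustration, and it assumes plain Host sections with no Include directives.

```shell
#!/bin/sh
# Added example (not from the original post).
# check_ssh_config FILE: prints one finding per line; returns 0 only if none.
check_ssh_config() {
    awk '
    /^[ \t]*(#|$)/ { next }              # skip comments and blank lines
    {
        gsub(/=/, " "); $0 = $0          # accept "Key=value" and "Key value"
        key = tolower($1); val = tolower($2)
    }
    key == "host" {
        in_star = (NF == 2 && $2 == "*")
        # ssh keeps the first value it obtains for an option, so a section
        # that follows "Host *" cannot override what "Host *" already set.
        if (in_star) seen_star = 1
        else if (seen_star) late = late " " $2
        next
    }
    key == "match" { in_star = 0; next }
    in_star && key == "addkeystoagent" && agent == ""    { agent = val }
    in_star && key == "usekeychain"    && keychain == "" { keychain = val }
    END {
        bad = 0
        if (!seen_star) { print "no \"Host *\" section"; exit 1 }
        if (agent != "yes")    { print "AddKeysToAgent is not yes under Host *"; bad = 1 }
        if (keychain != "yes") { print "UseKeychain is not yes under Host *"; bad = 1 }
        if (late != "")        { print "sections after Host *:" late; bad = 1 }
        exit bad
    }' "$1"
}

# Constructed sample: keychain disabled and a host section after "Host *".
sample=$(mktemp)
cat > "$sample" <<'EOF'
Host *
  AddKeysToAgent yes
  UseKeychain no
Host build.example.com
  IdentityFile ~/.ssh/id_build
EOF
check_ssh_config "$sample" || echo "fix the findings above, then re-check"
rm -f "$sample"
```

To audit a real file, call `check_ssh_config "$HOME/.ssh/config"` after defining the function.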