I have downloaded Sourcetree lately which comes with puttygen, plink and pageant.

I have set up an SSH public and private key, with a non-empty passphrase.

I was prompted for this passphrase when I added the private key to the Pageant key list. However, when I restart my machine and re-open Sourcetree I am re-prompted for this passphrase.

1. Should Pageant or Sourcetree be saving this passphrase, so I am not prompted every time I wish to use Sourcetree?

2. If so, how?

user3599231

1 Answer

Pageant keeps the decrypted key in memory only. It does not save the passphrase or the decrypted key anywhere.

Saving the passphrase would be almost as insecure as saving the key unencrypted. While it would be a solution for you, it's really not recommendable!

Quote from the Security considerations section of the Pageant documentation:

Using Pageant for public-key authentication gives you the convenience of being able to open multiple SSH sessions without having to type a passphrase every time, but also gives you the security benefit of never storing a decrypted private key on disk. Many people feel this is a good compromise between security and convenience.

It is a compromise, however. Holding your decrypted private keys in Pageant is better than storing them in easy-to-find disk files, but still less secure than not storing them anywhere at all.

Martin Prikryl
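The answer above warns against keeping a key unencrypted on disk. As an added example (not part of the original answer or of PuTTY itself), this Python sketch reads the `Encryption:` field in the header of each `.ppk` file in a directory and reports any key stored without a passphrase. The function names are hypothetical and the sample headers are constructed and contain no key material.

```python
from pathlib import Path
import tempfile

def ppk_encryption(text):
    """Return (format_version, cipher) from a PuTTY .ppk header, or None if not a PPK."""
    version = cipher = None
    for line in text.splitlines():
        key, sep, value = line.partition(": ")
        if not sep:
            continue
        if key.startswith("PuTTY-User-Key-File-"):
            version = key.rsplit("-", 1)[1]
        elif key == "Encryption":
            cipher = value.strip()
        elif key == "Public-Lines":
            break  # the fields we need come before the key blobs
    if version is None or cipher is None:
        return None
    return version, cipher

def audit_ppk_dir(directory):
    """Map each .ppk file name to 'encrypted', 'UNENCRYPTED' or 'unrecognised'."""
    report = {}
    for path in sorted(Path(directory).glob("*.ppk")):
        parsed = ppk_encryption(path.read_text(errors="replace"))
        if parsed is None:
            report[path.name] = "unrecognised"
        elif parsed[1].lower() == "none":
            report[path.name] = "UNENCRYPTED"  # private key readable by anyone with the file
        else:
            report[path.name] = "encrypted"
    return report

# Constructed sample headers (header fields only, no key data).
SAMPLE_PROTECTED = ("PuTTY-User-Key-File-3: ssh-ed25519\nEncryption: aes256-cbc\n"
                    "Comment: constructed-sample\nPublic-Lines: 2\n")
SAMPLE_PLAIN = ("PuTTY-User-Key-File-2: ssh-rsa\nEncryption: none\n"
                "Comment: constructed-sample\nPublic-Lines: 6\n")

def demo():
    """Write the constructed samples to a temp directory and audit it."""
    with tempfile.TemporaryDirectory() as d:
        Path(d, "work.ppk").write_text(SAMPLE_PROTECTED)
        Path(d, "old.ppk").write_text(SAMPLE_PLAIN)
        Path(d, "junk.ppk").write_text("not a key file\n")
        return audit_ppk_dir(d)

if __name__ == "__main__":
    for name, status in demo().items():
        print(f"{status:12} {name}")
```

To audit real keys, call `audit_ppk_dir` on the folder that holds them; only the header text is inspected and nothing is decrypted.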