1

My development environment is configured in a Virtual Machine on my Mac (Vagrant box using Debian 8).

I've installed Git on the VM with SSH remote access. Everything works perfectly fine except that I always have to enter my passphrase for the first git push origin master after having booted my VM.

Here's my list of remotes : 

origin  git@github.com:PiR-P/my_repo.git (fetch)
origin  git@github.com:PiR-P/my_repo.git (push)

I've tried this solution (https://stackoverflow.com/a/10032655/6391764) but it only works until I shut down my VM.

Is there anyway to make it persistent even after having stop / reboot my VM?

Pierre P.
  • 1,055
  • 2
  • 14
  • 26
  • Why not push your SSH public key to `authorized_keys` in your VM? – tadman Jun 27 '17 at 20:06
  • Everything is already set up **in** the VM, i.e the `authorized_keys` is located under `~/.ssh/` in my VM. – Pierre P. Jun 27 '17 at 20:08
  • Oh, you mean the passphrase for your private key is a problem. There's a way of storing that in KeyChain, or you can always make a different non-protected key for your VMs. – tadman Jun 27 '17 at 20:08
  • @tadman OP did that. He is being asked the passphrase to the private key every time, not the account password. OP, the easiest solution is switch to a pair of passphase-less keys. – jingx Jun 27 '17 at 20:08
  • @jingx That's really annoying, ahaha, is this the only solution? – Pierre P. Jun 27 '17 at 20:09
  • There are other solutions like the one you have tried, but any solution that allows you to persist the passphrase would lead you to another problem - how to secure the persisted passphrase. That seems to me the same problem as you got when you use a pair of passphrase-less keys, so having the passphrase doesn't really gain you anything. – jingx Jun 27 '17 at 20:12
  • @jingx But for me it's the whole point of using SSH over HTTPS : not having to enter any credentials. That's the whole idea : storing a public key on your computer is a way to identify you. – Pierre P. Jun 27 '17 at 20:13
  • I agree. The private key serves as a persisted password. Now you have a passphrase protecting the private key because it's persisted and vulnerable to unauthorized use if somebody else gets hold of it. My point is that once you persist the passphrase, it becomes the new vulnerability. What do you do now? Put the persisted passphrase in another password-protected file? ;-) – jingx Jun 27 '17 at 20:26

1 Answers1

1

You can remove passphrase from the private key running ssh-keygen -p (enter old passphrase and press [Enter] two times to enter an empty new passphrase). But you have to understand the passphrase protects the private key, so by removing it you make your key more vulnerable to stealing.

phd
  • 82,685
  • 13
  • 120
  • 165