I have always wondered why such a basic feature (loading ssh keys for persistent usage) requires a clunky command to execute in the background of a cmdline. Why isn't ssh-agent a service (for example) by default? I assume there might be a security reason, but I'm curious to get other thoughts.
SnapOverflow
If you use
ssh-agentan attacker can get the unencrypted key from memory. See https://www.netspi.com/blog/technical/network-penetration-testing/stealing-unencrypted-ssh-agent-keys-from-memory/If
ssh-agentis not running by default, the packager and system administrator have not set it up for you. As this is a matter of personal preference and important to security, not enabled by default makes sense to me. How tos exist of how to set it up in many environments.ssh-agentusage of printing out shell variables to evaluate is not typical of most programs.Other ssh agents may be have a friendlier experience. For example, on the desktop there exists Gnome Keyring SSH Agent.