Keychain helps you to manage SSH and GPG keys in a convenient and secure
manner. It acts as a frontend to ssh-agent and ssh-add, but allows you
to easily have one long running ssh-agent process per system, rather than
the norm of one ssh-agent per login session.
This dramatically reduces the number of times you need to enter your
passphrase. With keychain, you only need to enter a passphrase once every
time your local machine is rebooted. Keychain also makes it easy for remote
cron jobs to securely "hook in" to a long running ssh-agent process,
allowing your scripts to take advantage of key-based logins.
Keychain also integrates with gpg-agent, so that GPG keys can be cached
at the same time as SSH keys.
Keychain includes bash completion support for command-line options, SSH keys,
GPG keys, and the --extended key format (sshk:, gpgk:, host:).
Most Linux distributions will install the completion script automatically when you install keychain via your package manager.
For manual installation:
-
System-wide (requires
bash-completionpackage and root access):sudo make install-completionsThis installs to
/usr/local/share/bash-completion/completions/by default. UsePREFIX=/usrfor/usr/share/bash-completion/completions/. -
User-only (no root required):
mkdir -p ~/.local/share/bash-completion/completions cp completions/keychain.bash ~/.local/share/bash-completion/completions/keychain
After installation, restart your shell or run:
source /etc/bash_completion
Tip: If pressing tab doesn't show all possible completions when there are
multiple matches (e.g., sshk:id_<tab> completes to common prefix but doesn't
list all keys), add this to your ~/.inputrc:
set show-all-if-ambiguous on
Then restart your shell or run bind -f ~/.inputrc.
Keychain is maintained by BreezyOps - Daniel Robbins' Open Source Innovation Lab. If you find it useful, please consider:
- Starring the repository ⭐
- Joining Discussions to share tips and ask questions 💬
- Supporting development to help maintain and improve keychain! ❤️
Your support helps keep this project alive and actively maintained, and supports the creation of future projects. Thank you!
Please submit pull requests against the master branch which should track official
releases. Before submitting your PR, please:
-
Make sure that you have ShellCheck enabled in your IDE and that your changes don't introduce any bashisms or other non-POSIX things. For any intended exceptions, such as non-quoting of expanded variables, please insert a commented ShellCheck exception to disable the warning, and if not totally obvious, then add a comment to the exception like this:
# shellcheck disable=SC2086 # this is intentional:If you do not understand a ShellCheck warning, then don't just blindly disable it. Do some research first, make any necessary changes, and then submit your PR.
-
Please use tabs for initial indentation, not spaces.
-
Don't use tabs at the end of lines, such as to align comments. Either use a full line to add a comment or add a short comment at the end of a command, separating the "#" from the actual command with just a single space.
-
For any new features or options, update
keychain.podwith documentation on how to use the new feature.