git suddenly started to ask for SSH key password every time

Question

So, I use git and github with MFA, so, to avoid annoying password asking, for more than a year I am using the git@github.com:user/repo.git URL style.

A couple of days ago, I ran a brew update, and now, every time try to sync with github servers, git asks me the key password.

What I did so far:

• Checked my configs, seems ok to me, but here it is (the relevant part):

  [user]
     name = Carlos Alexandro Becker
     email = caarlos0@gmail.com
     helper = osxkeychain
  

• Tried to update git and osxkeychain, current versions are:

  git 2.4.1
  OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
  

• Cleaned osxkeychain for github.com

• checked that ssh-agent is running, re-added my identity

The one weird thing that I saw is this:

$ ssh-add ~/.ssh/id_rsa.pub
Could not open a connection to your authentication agent.
$ ssh-agent sh -c 'ssh-add ~/.ssh/id_rsa.pub'
Enter passphrase for /Users/carlos/.ssh/id_rsa.pub:

So, my guess is that somehow ssh-agent is not working properly, but I don't have any idea why nor how to fix it.

Answer 1

Since you mentioned, brew, I assume you're running on a Mac. This has also happened to me and the solution was to ensure that I added the passphrase to the keychain (the Mac version of ssh-agent, automatically launched on a Mac, includes keychain support):

$ ssh-add -K

And to store the passphrase for a different key:

$ ssh-add -K /path/to/private/key/file

Specifically in my case (since I use a separate key for GitHub):

$ ssh-add -K ~/.ssh/github_rsa

To automatically load keys into the ssh-agent and store passphrases in your keychain, you need to modify your ~/.ssh/config:

Host *
 AddKeysToAgent yes
 UseKeychain yes
 IdentityFile ~/.ssh/id_rsa

I obtained this information from here:

• http://www-uxsup.csx.cam.ac.uk/~aia21/osx/leopard-ssh.html#Passphrase
• https://help.github.com/articles/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent/

The above addresses the OP issue for ssh keys. The following is also useful for Mac users if you want to cache your HTTPS credentials as well. You can do this by using a credential helper. To tell git to use the osxkeychain helper, ensure this is added to your ~/.gitconfig (or ~/.config/git/config).

[credential]
    helper = osxkeychain

Instead of editing the file directly, you can set this entry from the command line:

$ git config --global credential.helper osxkeychain

See these links for more detail (including how to verify that your system has the osxkeychain helper installed):

• https://help.github.com/articles/caching-your-github-password-in-git/
• https://git-scm.com/book/gr/v2/Git-Tools-Credential-Storage

Answer 2

Seems like something went wrong with my ssh-agent.

I tried to stop it (with kill -9) and start it again (with ssh-agent), but it wouldn't fix the problem.

After I ran eval 'ssh-agent -s' it all started to work as expected again.

Still I have no idea why this happened..

Answer 3

In my case it happened because I changed the ssh key I use for Github and forgot to change the entry in ~/.ssh/config.

I should have changed the line IdentityFile ~/.ssh/id_rsa to the location of the new SSH key.

Answer 4

In my case, on PopOs (Ubuntu) all I had to do was

ssh-add ~/.ssh/{ssh_key}

I'm not sure what caused it to go missing in the first place though.