SSH Agent

The ssh-agent is a program that runs in the background and manages your SSH keys for you. When you generate an SSH key pair, you create a private key and a public key. The private key should be kept secure and confidential, while the public key can be freely shared. When you try to connect to a server (like GitHub) over SSH, the server will use your public key to send you a challenge, which can only be answered using your private key.

Typically, private keys are encrypted on disk with a passphrase for added security. This means that every time you want to use the key to authenticate, you would need to provide the passphrase, which can be tedious and inconvenient.

That’s where the ssh-agent comes in. When you add an encrypted private key to the ssh-agent, you only need to provide the passphrase once. The ssh-agent then handles all future authentication requests that require that key. This means you can securely use a passphrase-protected key without having to enter the passphrase every time you connect to the server.

It’s important to note that while the ssh-agent increases convenience, it also means that anyone who gains access to your computer while the ssh-agent is running could potentially use your SSH keys to authenticate. For this reason, you should still ensure your computer is secure, for example by locking it when you step away.