.ssh/config: "Bad configuration option: UseKeychain" on Mac OS Sierra 10.12.6
MacosSshMacos SierraMacos Problem Overview
I am trying to set up my ssh config on the Mac (Mac OS Sierra 10.12.6) in such a way that it stores the passphrase for my ssh key in the keychain. Previously I could do that with
ssh-add -K ~/.ssh/id_rsa
But recently this doesn't seem to work anymore. Following this article there seems to be a change in the behaviour of the ssh config in Mac OS > 10.12.2 and the recommended way to fix this issue is to add UseKeychain yes
to your ssh config. So here's my .ssh/config
section the Host *
:
Host *
Port 22
ServerAliveInterval 60
ForwardAgent yes
IdentityFile ~/.ssh/id_rsa
AddKeysToAgent yes
UseKeychain yes
When trying to ssh to a foreign host, I get the following error message:
$ ssh my-host
/Users/USER/.ssh/config: line 16: Bad configuration option: usekeychain
Any ideas why this happens and how I can fix it? Thanks!
Macos Solutions
Solution 1 - Macos
Try to specify another option, namely IgnoreUnknown
like below:
Host *
IgnoreUnknown UseKeychain
UseKeychain yes
You can find more info about this here.
If you already have an IgnoreUnknown
value, use comma separated values
Host *
IgnoreUnknown AddKeysToAgent,UseKeychain
AddKeysToAgent yes
UseKeychain yes
If you have multiple Host
configs that use the UseKeychain
option, make sure to put
Host *
IgnoreUnknown UseKeychain
before the first host that uses the the option, e.g. put it at the top of the file.
Solution 2 - Macos
The accepted answer helped me but did not completely solve my problem because I had multiple options that were bad. Here is an example of what it might look like if you have this issue:
Host *
IgnoreUnknown AddKeysToAgent,UseKeychain
AddKeysToAgent yes
UseKeychain yes
IdentityFile ~/.ssh/id_rsa
Solution 3 - Macos
Instead of ssh-add type ‘open .ssh/id_rsa’ and add it to the keychain
The UseKeychain option never appeared as bad on my config, but I have in the beginning, before any other host, the following
Host *
UseKeychain yes
Host (...)
Solution 4 - Macos
I just commented out the line and scp/ssh started working for me again.
Solution 5 - Macos
It's the capital -K try lowercase -k!!
ssh-add -k ~/.ssh/id_rsa
Enter passphrase for /Users/tom/.ssh/id_rsa:
Identity added: /Users/tom/.ssh/id_rsa (/Users/tom/.ssh/id_rsa)
Solution 6 - Macos
I had the same issue and i realized that when started to generate the key by following the instructions. The first step is this.
ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
I didn't change the email address but of course I have forgotten to do that :D. So make sure to not forget that step and all will be fine.