Where are ssh client private keys stored?
ssh-add doesn't store anything locally or remotely on disk. This command loads your private key, asking once for its password, into the SSH Agent that was previously started.
The SSH Agent holds the private keys in memory only. When you launch the SSH client, it uses the private key from the SSH Agent, without asking for the private key password again, to authenticate against the target server.
The .ssh directory will contain (in the home directory of any user):
- authorized_keys: list of public keys allowed to be used to connect to this server
- config: optional file with configuration parameters for the SSH client
- the public and private keys you've generated on this host for this user
- known_hosts: maintains a list of hosts to which you have already connected, together with a hash to detect if the host key has changed since the last time
ssh-add is not supposed to change anything in ~/.ssh. It tells the ssh-agent program which identities to add, and the ssh-agent program stores them in memory after asking for passphrases. So there is no such directory.
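An added example, not part of either answer above: a Python sketch that inventories a .ssh directory by the file roles listed in the first answer and, going slightly beyond the text, flags private keys at rest that other users can read or that carry no passphrase. The function names are hypothetical, and the sample directory and key stubs are constructed for illustration.

```python
import base64, stat, struct, tempfile
from pathlib import Path

MAGIC = b"openssh-key-v1\x00"   # header of OpenSSH-format private key blobs

def key_cipher(text):
    """Cipher name in an OpenSSH-format private key; 'none' means no passphrase."""
    if "BEGIN OPENSSH PRIVATE KEY" not in text:
        return None                       # legacy PEM/PKCS#8 keys are not parsed here
    b64 = "".join(l for l in text.splitlines() if not l.startswith("-----"))
    blob = base64.b64decode(b64)
    if not blob.startswith(MAGIC):
        return None
    (n,) = struct.unpack_from(">I", blob, len(MAGIC))   # length of the cipher name
    return blob[len(MAGIC) + 4:len(MAGIC) + 4 + n].decode("ascii")

def classify(path):
    if path.name in ("authorized_keys", "config", "known_hosts"):
        return path.name
    first = path.read_text(errors="replace").lstrip().split("\n", 1)[0]
    if first.startswith("-----BEGIN") and "PRIVATE KEY" in first:
        return "private key"
    return "public key" if first.startswith(("ssh-", "ecdsa-sha2-", "sk-")) else "other"

def audit(ssh_dir):
    """Return {filename: (role, [findings])} for each regular file in ssh_dir."""
    report = {}
    for p in sorted(f for f in Path(ssh_dir).iterdir() if f.is_file()):
        role, findings = classify(p), []
        if role == "private key" and stat.S_IMODE(p.stat().st_mode) & 0o077:
            findings.append("readable by group/other")
        if role == "private key" and key_cipher(p.read_text()) == "none":
            findings.append("no passphrase")
        report[p.name] = (role, findings)
    return report

def build_sample():
    """Constructed sample directory; key bodies are header-only stubs, not real keys."""
    d = Path(tempfile.mkdtemp())
    def priv(cipher):
        blob = base64.b64encode(MAGIC + struct.pack(">I", len(cipher)) + cipher).decode()
        return f"-----BEGIN OPENSSH PRIVATE KEY-----\n{blob}\n-----END OPENSSH PRIVATE KEY-----\n"
    files = {"id_ed25519": (priv(b"aes256-ctr"), 0o600), "id_backup": (priv(b"none"), 0o644),
             "id_ed25519.pub": ("ssh-ed25519 AAAAexample user@host\n", 0o644),
             "known_hosts": ("|1|c2FsdA==|aGFzaA== ssh-ed25519 AAAAexample\n", 0o644)}
    for name, (body, mode) in files.items():
        (d / name).write_text(body)
        (d / name).chmod(mode)
    return d
```

Calling audit(Path.home() / ".ssh") runs the same checks against a real directory; the function only reads files.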