Best SFTP/SSH workflow for passphrase-protected keys?

Avatar
Permanently deleted user
Created

I'm trialling PHPStorm 2017.2.1 on Debian and we use signed SSH keys that are passphrase-protected. I'm trying to set it up such that I can SFTP/SSH into our servers using ssh-agent/keychain. I have keychain set up such that it prompts me for the passphrase the first time I open a terminal window, and then all subsequent ssh connections don't prompt for the key's passphrase. 

I am getting an "auth cancel" error when I try to connect via SFTP to a server that requires my key, though, after authenticating the key in a separate terminal window. Should I switch to KeePass? Is there something I've overlooked?

Votes

0

Share

7 comments
Avatar
Dmitry Tronin
Created

Did you choose "ssh agent" in deployment configuration for that server?

0
Avatar
Permanently deleted user
Created

Yes! 

0
Avatar
Permanently deleted user
Created

How does PHPStorm handle SSH/SFTP connections with SSH keys that are passphrase-protected?

0
Avatar
Permanently deleted user
Created

If you set auth type to Key pair in Build, Execution, Deployment | Deployment > your SFTP server, you will be prompted for key and for a passphrase.

0
Avatar
Permanently deleted user
Created

We figured it out internally; we needed to:

  • disable Gnome Keyring (or at least its SSH component)
  • ssh-add the key explicitly from the command line; not just "ssh-add" but "ssh-add path/to/key/id_rsa" after which you get a password prompt
  • start PHPStorm from the same terminal window the key was added from

I'll be looking into using the third-party Keychain package to manage the ssh-agent so hopefully I can start PHPStorm by just clicking its icon.

0
Avatar
Permanently deleted user
Created

Thanks!

Did you switch PhpStorm to KeePass in File | Settings | Appearance & Behavior | System Settings | Passwords?

0
Avatar
Permanently deleted user
Created

Nope! I am not currently using KeePass. 

0

Please sign in to leave a comment.