openssh-unix-dev Digest, Vol 8, Issue 15

Jeremy McMillan aphor at
Mon Dec 22 16:43:45 EST 2003

I think what Mr. Farr is referring to is keychain support. Keychain is 
provided as part of OS X. Apple published an API for it. An OS X 
compile would store and retrieve keys from Keychain in lieu/addition to 
the SSH Agent. Keychain is to OS-X what the ssh-agent is to ssh. This 
makes perfect sense, and I haven't been sufficiently peeved to do this 
yet, but I have dreamt of this myself.

It really should be up in the sysdep stuff. That way you can distribute 
a tarball. People can test that, and later it can get merged into the 
ssh tree.

For now, I, if not others, am interested in this code. Please do share: 
either diffs or tarball!

On Dec 21, 2003, at 11:11 PM, Damien Miller <djm at> wrote:

> Date: 20 Dec 2003 07:40:32 +1100
> From: Damien Miller <djm at>
> Subject: Re: Mac OS X Keychain Support
> To: "Will M. Farr" <farr at MIT.EDU>
> Cc: openssh-unix-dev at
> Message-ID: <1071866432.31141.10.camel at>
> Content-Type: text/plain
> On Sat, 2003-12-20 at 04:56, Will M. Farr wrote:
>> Hello,
>> I'm a Mac OS X user, and I got tired of typing my password every time 
>> I
>> want to login, but didn't want to use ssh-agent and the like.  So, I
>> grabbed the code for OpenSSH 3.7p1, and made some modifications which
>> allow passwords to be stored and recalled from the OS X Keychain.  The
>> reason I'm posting to this list is that I'd like to make these
>> modifications available to others, and I'm curious whether you would 
>> be
>> interested in including them in OpenSSH; I know that this is pretty
>> operating-system specific (as far as I know, keychain is unique to OS
>> X), but I changed to test for keychain support when it
>> detects a darwin operating system, so it shouldn't bother people who
>> don't have mac os X.  Should I diff my code against the standard 3.7p1
>> and give you guys a patch?
> Is the OS X KeyChain fhee software? If so, then send a patch to this
> list.
> -d
Jeremy McMillan

More information about the openssh-unix-dev mailing list