SSH asking every single time for passphrase

Question

I have an annoying problem with my private key. Every time I want to clone or push via ssh in terminal or Tower app, I have to type my passphrase.

I even removed and recreated the ssh key and set the key on Github several times, but it looks like it has a short lifetime and after a couple of minutes, is expired!

I followed generate a new SSH key to create the key. At the end I ran ssh-add ~/.ssh/id_rsa and it printed out:

Identity added: /Users/sajad/.ssh/id_rsa (/Users/sajad/.ssh/id_rsa)

After I restarted my machine I ran ssh-add -l to check whether it's still there or not and here is the result:

The agent has no identities.

How can I fix this? I use macOS.

My /etc/ssh/ssh_config:

#   $OpenBSD: ssh_config,v 1.30 2016/02/20 23:06:23 sobrado Exp $

# This is the ssh client system-wide configuration file.  See
# ssh_config(5) for more information.  This file provides defaults for
# users, and the values can be changed in per-user configuration files
# or on the command line.

# Configuration data is parsed as follows:
#  1. command line options
#  2. user-specific file
#  3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.

# Site-wide defaults for some commonly used options.  For a comprehensive
# list of available options, their meanings and defaults, please see the
# ssh_config(5) man page.

Host *
        SendEnv LANG LC_*

# Host *
#   ForwardAgent no
#   ForwardX11 no
#   RhostsRSAAuthentication no
#   RSAAuthentication yes
#   PasswordAuthentication yes
#   HostbasedAuthentication no
#   GSSAPIAuthentication no
#   GSSAPIDelegateCredentials no
#   BatchMode no
#   CheckHostIP yes
#   AddressFamily any
#   ConnectTimeout 0
#   StrictHostKeyChecking ask
#   IdentityFile ~/.ssh/identity
#   IdentityFile ~/.ssh/id_rsa
#   IdentityFile ~/.ssh/id_dsa
#   IdentityFile ~/.ssh/id_ecdsa
#   IdentityFile ~/.ssh/id_ed25519
#   Port 22
#   Protocol 2
#   Cipher 3des
#   Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
#   MACs hmac-md5,hmac-sha1,[email protected],hmac-ripemd160
#   EscapeChar ~
#   Tunnel no
#   TunnelDevice any:any
#   PermitLocalCommand no
#   VisualHostKey no
#   ProxyCommand ssh -q -W %h:%p gateway.example.com
#   RekeyLimit 1G 1h

Answer 1

There's some really good solutions to a very similar question over on SuperUser and AskDifferent.

The basic gist is that Apple recently changed some of these behaviours in Sierra. Thankfully, it's simple to get them back by adding the following to the top of your ~/.ssh/config file:

Host *
  AddKeysToAgent yes
  UseKeychain yes

That should be enough to get it to start using the keychain to store/retrieve your SSH key passphrase.