To solve this problem, I used Homebrew to install a newer version
of OpenSSH, version 9.2 at the time of writing:
brew install openssh
After the installation completed, I disabled macOS' default ssh-agent:
launchctl disable user/$UID/com.openssh.ssh-agent
Next, I added my own launch agent at
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Label</key>
    <string>com.hkamran.ssh_agent</string>
    <key>ProgramArguments</key>
    <array>
        <string>sh</string>
        <string>-c</string>
        <string>/usr/local/bin/ssh-agent -D -a ~/.ssh/agent</string>
    </array>
    <key>RunAtLoad</key>
    <true/>
</dict>
</plist>
The -D option passed to ssh-agent prevents it from forking, and the
-a option tells ssh-agent to bind to ~/.ssh/agent.
I also added the following line to my
.zshrc file, which ensures that the bind
address is set to
Finally, either open a new shell (new tab, new window, etc.) or type
which relaunches the shell. Run
ssh -V or
which ssh to check that you are using
the new version from Homebrew.
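The checks from this last step, extended into a script that also inspects the agent socket (an added example, not part of the original article). The function names are hypothetical, and the socket path ~/.ssh/agent is taken from the -a argument in the plist above.

```shell
#!/bin/sh
# Added example: verify the Homebrew OpenSSH setup described above.
# Function names are hypothetical; ~/.ssh/agent comes from the plist's -a argument.

# Succeed only if the ssh found first on PATH lives under prefix $1
# (for example the output of `brew --prefix`), not the system /usr/bin/ssh.
ssh_from_prefix() {
    prefix=$1
    found=$(command -v ssh) || { echo "ssh not found on PATH" >&2; return 1; }
    case $found in
        "$prefix"/*) return 0 ;;
        *) echo "ssh resolves to $found, not under $prefix" >&2; return 1 ;;
    esac
}

# Succeed only if $1 is a UNIX socket owned by the current user and its
# directory is not writable by group or others (who could replace the socket).
check_agent_socket() {
    sock=$1
    [ -S "$sock" ] || { echo "not a socket: $sock" >&2; return 1; }
    [ -O "$sock" ] || { echo "not owned by you: $sock" >&2; return 1; }
    # First 10 characters of ls -ld are the mode string, e.g. drwx------
    mode=$(ls -ld "$(dirname "$sock")" | cut -c1-10)
    case $mode in
        d????-??-?) return 0 ;;   # group and other write bits both clear
        *) echo "directory of $sock is group/world writable: $mode" >&2; return 1 ;;
    esac
}

# Run the live checks only on request: sh check-ssh.sh check
if [ "${1:-}" = "check" ]; then
    expected="$HOME/.ssh/agent"
    ssh -V
    ssh_from_prefix "$(brew --prefix)" && echo "ssh: Homebrew build first on PATH"
    [ "${SSH_AUTH_SOCK:-}" = "$expected" ] ||
        echo "SSH_AUTH_SOCK is '${SSH_AUTH_SOCK:-}', expected $expected" >&2
    check_agent_socket "$expected" && echo "agent socket: ownership and directory mode ok"
fi
```

Homebrew's prefix is /usr/local on Intel Macs and /opt/homebrew on Apple Silicon, which is why the script asks brew --prefix rather than hard-coding it.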
If you'd like to read about how to use FIDO2 SSH keys, I've written a companion article on the topic.
Thank you for reading!