Make this entry in your ~/.bash_logout file:
kill $SSH_AGENT_PID
Don’t do this if you’re using keychain, because the whole point of using keychain is to be able to log in and out without having to re-enter your passphrases.
If you don’t have a ~/.bash_logout file, create one. There should be a system-wide default logout file at /etc/skel/.bash_logout to use as a model.
First, set up your system to use ssh-agent. Then use keychain to keep your SSH passphrases alive, system-wide, until you reboot. keychain also makes it possible to run SSH transfers from cron.
Download and install keychain from the usual sources; it comes in RPMs, .debs, and sources. Then edit your local ~/.bash_profile, adding these lines:
keychain id_dsa
. ~/.keychain/$HOSTNAME-sh
Use the real name of your private key: id_rsa, my_own_groovy_key, whatever. Be sure to use the leading dot on the second line; this tells Bash to read the file named on the line.
That’s all you have to do. Now when you log in to your local workstation, a keychain prompt will appear, asking for the passphrase of your key. keychain will handle authentications until the system reboots.
You can name as many keys as you wish to use, like this:
keychain id_dsa apache_key ftp_key
You’ll enter the passphrase for each one at system login. Then keychain will handle authentications as long as the system stays up, even if you log out and log back in a few times. When you restart the system, you start over.
A lot of documentation tells you to use null passphrases on keys generated for servers, to enable unattended reboots. The risk is that anyone who gets a copy of the private key will be able to easily misuse it. As always, you’ll have to decide for yourself what balance of convenience and security is going to serve your needs.
You like running remote X sessions, but you know that they are completely insecure, so you want to run X over SSH.
Enable X forwarding on the SSH server, in /etc/ssh/sshd_config. Then use the -X flag when you start your SSH session.
You looked in /etc/ssh and didn’t see any key files: your Linux distribution did not generate host keys when you installed OpenSSH. Or you just want to create new host keys yourself.
Install OpenSSH on both machines. sshd, the ssh daemon, must be running on the remote host, so that it can receive connections. Copy the remote host’s public key to the local machine’s ~/.ssh/known_hosts file, and you’re in business.