Configuring Bashrc for SSH Keychain
March 28, 2026
Let's create the basic bashrc template that is used for all normal users. The template is located at /etc/skel/.bashrc. I can be pretty sparse, but I like to add the keychain pieces to assist with key management. This file gets copied to user home directories when the user is created.
/etc/skel/.bashrc
# source variable
source ~/.ssh/.keychain/$HOSTNAME-sh
# source ~/.ssh/.keychain/$HOSTNAME-sh-gpg # uncomment if using gpg
# Test for an interactive shell. There is no need to set anything
# past this point for scp and rcp, and it's important to refrain from
# outputting anything in those cases.
if [[ $- != *i* ]] ; then
# Shell is non-interactive. Be done now!
return
fi
source /etc/profile
# space-delimated list of keys (either ssh [file] or gpg [id])
KEYS="id_rsa"
# if you need to clear the keychain
# keychain --clear
# run this on login
# if key is unlocked already, this prints and closes
# if key is locked, prompt for password
eval `/usr/bin/keychain --eval --inherit any -Q --ignore-missing --nogui --dir ~/.ssh/.keychain --eval $KEYS`That skeleton file should be readable by all but writable for only by root.
chmod 644 /etc/skel/.bashrcIf you would like root to use /root/.bashrc, you can copy it now.
cp -i /etc/skel/.bashrc /root
chown root:root /root/.bashrc
chmod 770 /root/.bashrcBy default, on log in, root does not source this file. You need a /root/bash_profile. Let's create that now.
cp -i /etc/skel/.bash_profile /root/
chown root:root /root/.bash_profile
chmod 770 /root/.bash_profileOkay, you should now be able to log in as root and root should source /root/.bashrc.