open test <--- need to be able to pass the ssh_key phrase here
There are two ways around the issue. The less secure choice is to remove the passphrase from the key. You are depending entirely on file-system permissions to keep the key secret then. Security-wise, it's no different that having the passphrase in a plain-text file. In either case, if someone gets access to the file, they have what amounts to your password.
The more secure approach is to use an agent (such as Pageant
) to store the key in memory. The agent provides the key to WinSCP and/or PuTTY whenever authentication to a remote server is required.
I put a shortcut to Pageant in my startup folder so I'm prompted for the passphrase when I log in. My decrypted key is stored in memory until I log out and/or reboot. When the machine is off my key is still passphrase-protected, encrypted, and unreadable without reading my mind.