Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

0 votes
200 views
in Technique by (71.8m points)

What should I do with the private key after adding it to ssh-agent?

I created a key with ssh-keygen and added it to ssh-agent successfully.

All I know about ssh-agent is that it will encrypt my private key and enable ssh connection without using a passphrase each time.

I am curious if I can delete the keys in ~/.ssh directory after adding them to ssh-agent because when I try to see the private key, I can see it just like before.

I guess I do not understand how ssh-agent is helping with security here because if anyone has access to my machine, they can easily see my private key.



1 Answer

0 votes
by (71.8m points)

The ssh-agent is a helper program that keeps track of user's identity keys (i.e. private keys) and their passphrases.
The agent can then use the keys to log into other servers without having the user type in a password or passphrase again.

So the ssh-agent actually needs the private key to operate correctly (that is, to cache the passphrase, and reuse said passphrase when the private key is used).

Do not delete your private keys!
As long as they are in your home folder, in a 600 .ssh subfolder, nobody but you can access them.
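
A permission audit for the point in the answer above about keeping private keys readable only by you, as an added example that is not part of the original answer. It assumes the usual OpenSSH convention of mode 700 on the directory and 600 on private key files; the function names and the constructed sample directory are hypothetical.

```shell
#!/bin/sh
# Added example: flag SSH directories and private key files that group/other can reach.

# Print the six group/other permission characters of a path, e.g. "------".
group_other_bits() {
    ls -ld "$1" | cut -c5-10
}

# Succeed if the first line of the file is a PEM/OpenSSH private key header.
is_private_key() {
    head -n 1 "$1" 2>/dev/null | grep -q -e '-----BEGIN .*PRIVATE KEY-----'
}

# Audit DIR: print one line per finding, set AUDIT_FINDINGS, succeed only if clean.
audit_ssh_dir() {
    audit_dir=$1
    AUDIT_FINDINGS=0
    if [ ! -d "$audit_dir" ]; then
        echo "MISSING $audit_dir"; AUDIT_FINDINGS=1; return 1
    fi
    audit_bits=$(group_other_bits "$audit_dir")
    if [ "$audit_bits" != "------" ]; then
        echo "DIR $audit_dir open to group/other ($audit_bits); fix: chmod 700"
        AUDIT_FINDINGS=$((AUDIT_FINDINGS + 1))
    fi
    for audit_f in "$audit_dir"/*; do
        [ -f "$audit_f" ] || continue
        is_private_key "$audit_f" || continue   # skip *.pub, config, known_hosts
        audit_bits=$(group_other_bits "$audit_f")
        if [ "$audit_bits" != "------" ]; then
            echo "KEY $audit_f open to group/other ($audit_bits); fix: chmod 600"
            AUDIT_FINDINGS=$((AUDIT_FINDINGS + 1))
        fi
    done
    [ "$AUDIT_FINDINGS" -eq 0 ]
}

# Constructed sample: placeholder key bodies (not real keys), one file left at 644.
demo() {
    demo_dir=$(mktemp -d) || return 1
    printf '%s\n' '-----BEGIN OPENSSH PRIVATE KEY-----' 'CONSTRUCTED' > "$demo_dir/id_good"
    cp "$demo_dir/id_good" "$demo_dir/id_loose"
    printf 'ssh-ed25519 CONSTRUCTED user@host\n' > "$demo_dir/id_good.pub"
    chmod 700 "$demo_dir"; chmod 600 "$demo_dir/id_good"
    chmod 644 "$demo_dir/id_loose" "$demo_dir/id_good.pub"
    audit_ssh_dir "$demo_dir"; demo_rc=$?
    rm -rf "$demo_dir"
    return "$demo_rc"
}
```

To check a real account, source the file and run `audit_ssh_dir "$HOME/.ssh"`; a non-zero exit status means at least one finding was printed.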

