If you log in on CentOS (or Ubuntu or anything Linux and modern) using a graphical console >>DO NOT START ssh-agent<<. The standard startup scripts run one for you, and when you log out it dies. I assume that's what you want. The 'deamon' version is designed to run the following way in a .profile/.bash_profile: eval `ssh-agent` The output of ssh-agent is evaluated by the shell, which adds the right environment variables so ssh and ssh-add can find it. To kill it run "ssh-agent -k", which uses the environment variables to find the daemon and kill it. Now if you just run 'ssh-agent' that does not happen, so that particular instance does not get used. Assuming you did the following: 1) just run plain "ssh-agent" (no eval) 2) run "ssh-add" the agent that actually held your keys was started by some system script, and was terminated when you logged out, so there was no security issue. You just were creating unused agents to float around 'till reboot time. I hope this cuts down some of the confusion. Gé