SSH key updating with systemd

2025-12-22

This is a follow-up to a blog post I did a long while ago on how to set up persistent access with SSH keys. Nowadays, it’s hard to find a Linux system that doesn’t have systemd, and crontab is sometimes not even installed.

So, in case you are on one of those machines, here’s how you can use that script with a service and systemd.timer unit file, that does the exact same thing as crontab.

Create the systemd unit files

Since updating our SSH keys can be done with user privileges, we will make a user unit file.

mkdir -p ~/.config/systemd/user
touch ~/.config/systemd/user/ssh-key-update.service

Now, paste in the following with your editor of choice:

[Unit]
Description=Update SSH keys from GitHub

[Service]
ExecStart=/path/to/update-ssh.sh

Next, we need to make a timer that will run our ssh-key-update systemd service.

touch ~/.config/systemd/user/ssh-key-update.timer

Paste in the following:

[Unit]
Description=Update SSH keys from GitHub

[Timer]
OnBootSec=5min
OnUnitActiveSec=5min
Unit=ssh-key-update.service

[Install]
WantedBy=timers.target

Enable and start the timer

Run:

systemctl --user enable --now ssh-key-update.timer

You will see that your SSH keys will periodically be fetched and saved like before. However, when you log out, updates will stop.

Enable lingering

Run:

loginctl enable-linger

This will enable lingering, which will allow systemd.timers to continue running even if you are not signed in.

---