Just add AddKeysToAgent yes line to the ~/.ssh/config, and the password will be asked only once.
Often a script consists of multiple ssh/rsync commands, and each one will ask an ssh key passphrase, which is obnoxious. For that, there is an ssh-agent, which basically holds ssh private key in memory unencrypted all the time it is running, for ssh commands to use it when they need.
In order to load unencrypted key into ssh-agent, just use a command:
ssh-add
it will ask a passphrase for the key, and then will decrypt the private key into memory. All subsequent ssh or rsync commands will now work without asking the passphrase.
To remove all of the decrypted keys from the ssh-agent's memory, just run this:
ssh-add -D
Now we're back to normal. On macOS decrypted keys persist until reboot.
https://smallstep.com/blog/ssh-agent-explained/
https://docs.github.com/en/authentication/connecting-to-github-with-ssh/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent
https://www.markusdosch.com/2021/03/how-to-enter-your-ssh-key-passphrase-only-once-per-terminal-session/
https://unix.stackexchange.com/questions/132791/have-ssh-add-be-quiet-if-key-already-there