Git for windows ssh agent

asked Aug 23, 2013 at 13:37

2013: In a git bash session, you can add a script to ~/.profile or ~/.bashrc (with ~ being usually set to %USERPROFILE%), in order for said session to launch automatically the ssh-agent.
If the file doesn’t exist, just create it.

This is what GitHub describes in «Working with SSH key passphrases».

The «Auto-launching ssh-agent on Git for Windows» section of that article has a robust script that checks if the agent is running or not.
Below is just a snippet, see the GitHub article for the full solution.

# This is just a snippet. See the article above.
if ! agent_is_running; then
    agent_start
    ssh-add
elif ! agent_has_keys; then
    ssh-add
fi

Other Resources:

«Getting ssh-agent to work with git run from windows command shell» has a similar script, but I’d refer to the GitHub article above primarily, which is more robust and up to date.

hardsetting adds in the comments (2018):

If you want to enter the passphrase the first time you need it, and not when opening a shell, the cleanest way to me is:

• removing the ssh-add from the .bash_profile, and
• adding «AddKeysToAgent yes» to your .ssh/config file (see «How to make ssh-agent automatically add the key on demand?»).

This way you don’t even have to remember running ssh-add.

And Tao adds in the comments (2022):

It’s worth noting why this script makes particular sense in Windows, vs (for example) the more standard linuxey script noted by @JigneshGohel in another answer:

By not relying on the SSH_AGENT_PID at all, this script works across different msys & cygwin environments.
An agent can be started in msys2, and still used in git bash, as the SSH_AUTH_SOCK path can be reached in either environment.
The PID from one environment cannot be queried in the other, so a PID-based approach keeps resetting/creating new ssh-agent processes on each switch.

answered Aug 23, 2013 at 13:50

P.S: These instructions are in context of a Bash shell opened in Windows 10 Linux Subsystem and doesn’t mention about sym-linking SSH keys generated in Windows with Bash on Ubuntu on Windows

1) Update your .bashrc by adding following in it

# Set up ssh-agent
SSH_ENV="$HOME/.ssh/environment"

function start_agent {
    echo "Initializing new SSH agent..."
    touch $SSH_ENV
    chmod 600 "${SSH_ENV}"
    /usr/bin/ssh-agent | sed 's/^echo/#echo/' >> "${SSH_ENV}"
    . "${SSH_ENV}" > /dev/null
    /usr/bin/ssh-add
}

# Source SSH settings, if applicable
if [ -f "${SSH_ENV}" ]; then
    . "${SSH_ENV}" > /dev/null
    kill -0 $SSH_AGENT_PID 2>/dev/null || {
        start_agent
    }
else
    start_agent
fi

2) Then run $ source ~/.bashrc to reload your config.

The above steps have been taken from https://github.com/abergs/ubuntuonwindows#2-start-an-bash-ssh-agent-on-launch

3) Create a SSH config file, if not present. Use following command for creating a new one: .ssh$ touch config

4) Add following to ~/.ssh/config

Host github.com-<YOUR_GITHUB_USERNAME> 
HostName github.com
User git
PreferredAuthentications publickey
IdentityFile ~/.ssh/id_work_gmail # path to your private key
AddKeysToAgent yes


Host csexperimental.abc.com
IdentityFile ~/.ssh/id_work_gmail # path to your private key
AddKeysToAgent yes

<More hosts and github configs can be added in similar manner mentioned above>

5) Add your key to SSH agent using command $ ssh-add ~/.ssh/id_work_gmail and then you should be able to connect to your github account or remote host using ssh. For e.g. in context of above code examples:

$ ssh github.com-<YOUR_GITHUB_USERNAME>

or

$ ssh <USER>@csexperimental.abc.com

This adding of key to the SSH agent should be required to be performed only one-time.

6) Now logout of your Bash session on Windows Linux Subsystem i.e. exit all the Bash consoles again and start a new console again and try to SSH to your Github Host or other host as configured in SSH config file and it should work without needing any extra steps.

Note:

• If you face Bad owner or permissions on ~/.ssh/config then update the permissions using the command chmod 600 ~/.ssh/config. Reference: https://serverfault.com/a/253314/98910

• For the above steps to work you will need OpenSSH v 7.2 and newer. If you have older one you can upgrade it using the steps mentioned at https://stackoverflow.com/a/41555393/936494

• The same details can be found in the gist Windows 10 Linux Subsystem SSH-agent issues

Thanks.

answered Aug 8, 2017 at 8:14

If the goal is to be able to push to a GitHub repo whenever you want to, then in Windows under C:\Users\tiago\.ssh where the keys are stored (at least in my case), create a file named config and add the following in it

Host github.com
    HostName github.com
    User your_user_name
    IdentityFile ~/.ssh/your_file_name

Then simply open Git Bash and you’ll be able to push without having to manually start the ssh-agent and adding the key.

answered Jan 19, 2021 at 12:26

AlasdairAlasdair

911 silver badge1 bronze badge

AmbrownAmbrown

3612 silver badges8 bronze badges

mzamza

1112 silver badges4 bronze badges

As I don’t like using putty in Windows as a workaround, I created a very simple utility ssh-agent-wrapper. It scans your .ssh folders and adds all your keys to the agent. You simply need to put it into Windows startup folder for it to work.

Assumptions:

• ssh-agent in path
• shh-add in path (both by choosing the «RED» option when installing git
• private keys are in %USERPROFILE%/.ssh folder
• private keys names start with id (e.g. id_rsa)

answered Jul 28, 2017 at 5:14

Create a new .bashrc file in your ~ directory.

There you can put your commands that you want executed everytime you start the bash

answered Aug 23, 2013 at 13:50

I wrote a script and created a git repository, which solves this issue here: https://github.com/Cazaimi/boot-github-shell-win .

The readme contains instructions on how to set the script up, so that each time you open a new window/tab the private key is added to ssh-agent automatically, and you don’t have to worry about this, if you’re working with remote git repositories.

answered Dec 27, 2020 at 13:40

@VonC provided an excellent answer here.

I just want to provide the full script and all instructions in one place.

Reference these instructions here: https://docs.github.com/en/authentication/connecting-to-github-with-ssh/working-with-ssh-key-passphrases?platform=windows

How to get ssh-agent to load your private ssh keys and require their passwords only once per boot in Windows

Tested in Windows 10 with Git For Windows 2.41.0-64-bit.

1. In Git Bash, create your ~/.bashrc file

   # Create your `~/.bashrc` file (usually at `/c/Users/myusername/.bashrc`)
   touch ~/.bashrc
   

2. In your editor of choice, edit that file now, and paste the following into the bottom of it. This script is from here. I only added the top and bottom comments, and the echo commands:

   # -------------------------------- START -----------------------------------
   # Auto-launch the ssh-agent and load all private keys on Git for Windows
   # Copied from: https://stackoverflow.com/a/76568760/4561887
   env=~/.ssh/agent.env
   
   agent_load_env () { test -f "$env" && . "$env" >| /dev/null ; }
   
   agent_start () {
       (umask 077; ssh-agent >| "$env")
       . "$env" >| /dev/null ; }
   
   agent_load_env
   
   # agent_run_state: 0=agent running w/ key; 1=agent w/o key; 2=agent not
   # running
   agent_run_state=$(ssh-add -l >| /dev/null 2>&1; echo $?)
   
   if [ ! "$SSH_AUTH_SOCK" ] || [ $agent_run_state = 2 ]; then
       echo "Starting ssh-agent and adding your private keys."
       agent_start
       ssh-add
   elif [ "$SSH_AUTH_SOCK" ] && [ $agent_run_state = 1 ]; then
       echo "Adding your private keys to ssh-agent."
       ssh-add
   fi
   
   unset env
   # -------------------------------- END -------------------------------------
   

3. Make Git Bash re-source the ~/.bashrc file changes.

   Either: manually re-source your ~/.bashrc file with . ~/.bashrc, or:

   close and re-open all Git Bash terminal windows.

   This auto-starts the ssh-agent, due to the script above you just added to your ~/.bashrc file.

4. Add all private keys to your ssh-agent, if needed:

   Private keys with standard paths, such as ~/.ssh/id_ed25519 or ~/.ssh/id_rsa, are automatically added by the script when it calls ssh-add. However, if you have private keys with custom names or paths, add them now:

   ssh-add path/to/my/keys/id_ed25519
   ssh-add path/to/my/keys/id_rsa_custom_name
   # etc. 
   

5. That’s it! As the tutorial says:

   The ssh-agent process will continue to run until you log out, shut down your computer, or kill the process.

   Now, you only have to type each ssh key’s private password once per Windows reboot, rather than once per git push or git pull-type operation, or once per Git Bash terminal, both of which were obnoxious options.

See also

1. I’d also like to point out an alternative, well-documented solution by Atlassian and Bitbucket, here: https://support.atlassian.com/bitbucket-cloud/docs/set-up-personal-ssh-keys-on-windows/. In this solution, they require explicitly installing the Windows version of OpenSSH, as well as running some commands in the Windows PowerShell, and having Git Bash use the Windows version of OpenSSH. This is significantly different from my solution above, but it also works. I prefer my solution above, however, as I think it’s easier, faster, and more-universal, and it doesn’t require tinkering with Windows executables or PowerShell commands. Instead, it uses just the tools packaged with and provided by Git for Windows.

answered Jun 27 at 21:32

oklasoklas

7,9552 gold badges26 silver badges42 bronze badges