Running SSH Agent when starting Git Bash on Windows
Windows Problem Overview
I am using git bash. I have to use
eval `ssh-agent.exe`
ssh-add /my/ssh/location/
every time when I start a new git bash.
Is there a way to set ssh agent permanently? Or does Windows have a good way to manage the ssh keys?
I'm a new guy, please give me a detailed tutorial, thanks!
Windows Solutions
Solution 1 - Windows
In a git bash session, you can add a script to ~/.profile or ~/.bashrc (with ~ being usually set to %USERPROFILE%), in order for said session to launch automatically the ssh-agent. If the file doesn't exist, just create it.
This is what GitHub describes in "Working with SSH key passphrases".
The "Auto-launching ssh-agent on Git for Windows" section of that article has a robust script that checks if the agent is running or not. Below is just a snippet, see the GitHub article for the full solution.
# This is just a snippet. See the article above.
if ! agent_is_running; then
    agent_start
    ssh-add
elif ! agent_has_keys; then
    ssh-add
fi
Other Resources:
"Getting ssh-agent to work with git run from windows command shell" has a similar script, but I'd refer to the GitHub article above primarily, which is more robust and up to date.
Solution 2 - Windows
P.S.: These instructions are in the context of a Bash shell opened in the Windows 10 Linux Subsystem and don't mention sym-linking SSH keys generated in Windows with Bash on Ubuntu on Windows.
- Update your .bashrc by adding the following to it:

# Set up ssh-agent
SSH_ENV="$HOME/.ssh/environment"

function start_agent {
    echo "Initializing new SSH agent..."
    # Create the file owner-only before the agent settings are written to it
    touch "${SSH_ENV}"
    chmod 600 "${SSH_ENV}"
    # Overwrite rather than append, so stale agent settings do not accumulate
    /usr/bin/ssh-agent | sed 's/^echo/#echo/' > "${SSH_ENV}"
    . "${SSH_ENV}" > /dev/null
    /usr/bin/ssh-add
}

# Source SSH settings, if applicable
if [ -f "${SSH_ENV}" ]; then
    . "${SSH_ENV}" > /dev/null
    # Start a new agent if the recorded PID is no longer running
    kill -0 "$SSH_AGENT_PID" 2>/dev/null || {
        start_agent
    }
else
    start_agent
fi
- Then run
$ source ~/.bashrc
to reload your config.
The above steps have been taken from https://github.com/abergs/ubuntuonwindows#2-start-an-bash-ssh-agent-on-launch
- Create an SSH config file, if not present. Use the following command to create a new one:
.ssh$ touch config
- Add the following to ~/.ssh/config:

Host github.com-
    HostName github.com
    User git
    PreferredAuthentications publickey
    # path to your private key
    IdentityFile ~/.ssh/id_work_gmail
    AddKeysToAgent yes

Host csexperimental.abc.com
    # path to your private key
    IdentityFile ~/.ssh/id_work_gmail
    AddKeysToAgent yes
- Add your key to the SSH agent using the command
$ ssh-add ~/.ssh/id_work_gmail
and then you should be able to connect to your GitHub account or remote host using ssh. For example, in the context of the above code examples:
$ ssh github.com-
or
$ ssh <USER>@csexperimental.abc.com
Adding the key to the SSH agent should only need to be performed once.
- Now log out of your Bash session on the Windows Linux Subsystem, i.e. exit all the Bash consoles, then start a new console and try to SSH to your GitHub host or another host as configured in the SSH config file; it should work without needing any extra steps.
Note:
- If you face "Bad owner or permissions on ~/.ssh/config", then update the permissions using the command chmod 600 ~/.ssh/config. Reference: https://serverfault.com/a/253314/98910
- For the above steps to work you will need OpenSSH v7.2 or newer. If you have an older one, you can upgrade it using the steps mentioned at https://stackoverflow.com/a/41555393/936494
- The same details can be found in the gist "Windows 10 Linux Subsystem SSH-agent issues".
Thanks.
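An added example, not part of any answer on this page: a POSIX shell check for the permission problem noted in Solution 2, covering the config file, every IdentityFile it names, and the agent environment files that Solutions 2 and 5 write. The function names are illustrative, and it flags anything looser than the owner-only mode (chmod 600, umask 077) those answers set.

```sh
#!/bin/sh
# Added example: audit permissions on the SSH files the answers rely on.
# Function names are illustrative, not from any tool mentioned on the page.

# Print each IdentityFile path named in an ssh config (whitespace-separated
# "IdentityFile path" form), expanding a leading "~/" to $HOME.
identity_files() {
    [ -r "$1" ] || return 0
    while read -r key value || [ -n "$key" ]; do
        # ssh_config keywords are case-insensitive
        key=$(printf '%s' "$key" | tr '[:upper:]' '[:lower:]')
        case $key in
            identityfile)
                value=${value%% #*}     # drop a trailing "# comment"
                case $value in
                    "~/"*) value=$HOME/${value#??} ;;
                esac
                printf '%s\n' "$value" ;;
        esac
    done < "$1"
}

# Succeed if FILE grants no access to group or others (for example mode 600).
owner_only() {
    [ "$(ls -ldL -- "$1" | cut -c5-10)" = "------" ]
}

# Print every existing file that is too permissive: the config itself, any
# extra files given (agent environment files), and each IdentityFile.
audit_ssh_files() {
    config=$1; shift
    {
        printf '%s\n' "$config" "$@"
        identity_files "$config"
    } | while IFS= read -r f; do
        [ -e "$f" ] || continue
        owner_only "$f" || printf '%s\n' "$f"
    done
}

# Audit the current user's files; prints nothing when all are owner-only.
audit_ssh_files "$HOME/.ssh/config" "$HOME/.ssh/environment" "$HOME/.ssh/agent.env"
```

Under Git Bash the mode bits are emulated on NTFS, so the result is most meaningful in the WSL setup Solution 2 describes.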
Solution 3 - Windows
If the goal is to be able to push to a GitHub repo whenever you want to, then in Windows under C:\Users\tiago\.ssh where the keys are stored (at least in my case), create a file named config and add the following in it
Host github.com
    HostName github.com
    User your_user_name
    IdentityFile ~/.ssh/your_file_name
Then simply open Git Bash and you'll be able to push without having to manually start the ssh-agent and adding the key.
Solution 4 - Windows
I found the smoothest way to achieve this was using Pageant as the SSH agent and plink.
You need to have a putty session configured for the hostname that is used in your remote.
You will also need plink.exe which can be downloaded from the same site as putty.
And you need Pageant running with your key loaded. I have a shortcut to pageant in my startup folder that loads my SSH key when I log in.
When you install git-scm you can then specify it to use tortoise/plink rather than OpenSSH.
The net effect is you can open git-bash whenever you like and push/pull without being challenged for passphrases.
Same applies with putty and WinSCP sessions when pageant has your key loaded. It makes life a hell of a lot easier (and secure).
Solution 5 - Windows
I could not get this to work based off the best answer, probably because I'm such a PC noob and missing something obvious. But just FYI in case it helps someone as challenged as me, what has FINALLY worked was through one of the links here (referenced in the answers). This involved simply pasting the following to my .bash_profile:
env=~/.ssh/agent.env
agent_load_env () { test -f "$env" && . "$env" >| /dev/null ; }
agent_start () {
    (umask 077; ssh-agent >| "$env")
    . "$env" >| /dev/null ; }
agent_load_env
# agent_run_state: 0=agent running w/ key; 1=agent w/o key; 2= agent not running
agent_run_state=$(ssh-add -l >| /dev/null 2>&1; echo $?)
if [ ! "$SSH_AUTH_SOCK" ] || [ $agent_run_state = 2 ]; then
    agent_start
    ssh-add
elif [ "$SSH_AUTH_SOCK" ] && [ $agent_run_state = 1 ]; then
    ssh-add
fi
unset env
I probably have something configured weird, but was not successful when I added it to my .profile or .bashrc. The other real challenge I've run into is I'm not an admin on this computer and can't change the environment variables without getting it approved by IT, so this is a solution for those that can't access that.
You know it's working if you're prompted for your ssh password when you open git bash. Hallelujah something finally worked.
Solution 6 - Windows
Put this in your ~/.bashrc (or a file that's source'd from it) which will stop it from being run multiple times unnecessarily per shell:
if [ -z "$SSH_AGENT_PID" ]; then
    eval `ssh-agent -s`
fi
And then add "AddKeysToAgent yes" to ~/.ssh/config:
Host *
    AddKeysToAgent yes
ssh to your server (or git pull) normally and you'll only be asked for password/passphrase once per session.
Solution 7 - Windows
As I don't like using putty in Windows as a workaround, I created a very simple utility ssh-agent-wrapper. It scans your .ssh folders and adds all your keys to the agent. You simply need to put it into Windows startup folder for it to work.
Assumptions:
- ssh-agent in path
- ssh-add in path (both by choosing the "RED" option when installing git)
- private keys are in %USERPROFILE%/.ssh folder
- private keys names start with id (e.g. id_rsa)
Solution 8 - Windows
I wrote a script and created a git repository, which solves this issue here: https://github.com/Cazaimi/boot-github-shell-win .
The readme contains instructions on how to set the script up, so that each time you open a new window/tab the private key is added to ssh-agent automatically, and you don't have to worry about this, if you're working with remote git repositories.
Solution 9 - Windows
Create a new .bashrc file in your ~ directory.
There you can put the commands that you want executed every time you start bash.
Solution 10 - Windows
Simple two string solution from this answer:
For sh, bash, etc:
# ~/.profile
if ! pgrep -q -U `whoami` -x 'ssh-agent'; then ssh-agent -s > ~/.ssh-agent.sh; fi
. ~/.ssh-agent.sh
For csh, tcsh, etc:
# ~/.cshrc
sh -c 'if ! pgrep -q -U `whoami` -x 'ssh-agent'; then ssh-agent -c > ~/.ssh-agent.tcsh; fi'
eval `cat ~/.ssh-agent.tcsh`