Running SSH Agent when starting Git Bash on Windows
P.S: These instructions are in context of a Bash shell opened in Windows 10 Linux Subsystem and doesn't mention about sym-linking SSH keys generated in Windows with Bash on Ubuntu on Windows
1) Update your .bashrc by adding following in it
# Set up ssh-agent
SSH_ENV="$HOME/.ssh/environment"
function start_agent {
echo "Initializing new SSH agent..."
touch $SSH_ENV
chmod 600 "${SSH_ENV}"
/usr/bin/ssh-agent | sed 's/^echo/#echo/' >> "${SSH_ENV}"
. "${SSH_ENV}" > /dev/null
/usr/bin/ssh-add
}
# Source SSH settings, if applicable
if [ -f "${SSH_ENV}" ]; then
. "${SSH_ENV}" > /dev/null
kill -0 $SSH_AGENT_PID 2>/dev/null || {
start_agent
}
else
start_agent
fi
2) Then run $ source ~/.bashrc
to reload your config.
The above steps have been taken from https://github.com/abergs/ubuntuonwindows#2-start-an-bash-ssh-agent-on-launch
3) Create a SSH config file, if not present. Use following command for creating a new one: .ssh$ touch config
4) Add following to ~/.ssh/config
Host github.com-<YOUR_GITHUB_USERNAME>
HostName github.com
User git
PreferredAuthentications publickey
IdentityFile ~/.ssh/id_work_gmail # path to your private key
AddKeysToAgent yes
Host csexperimental.abc.com
IdentityFile ~/.ssh/id_work_gmail # path to your private key
AddKeysToAgent yes
<More hosts and github configs can be added in similar manner mentioned above>
5) Add your key to SSH agent using command $ ssh-add ~/.ssh/id_work_gmail
and then you should be able to connect to your github account or remote host using ssh. For e.g. in context of above code examples:
$ ssh github.com-<YOUR_GITHUB_USERNAME>
or
$ ssh <USER>@csexperimental.abc.com
This adding of key to the SSH agent should be required to be performed only one-time.
6) Now logout of your Bash session on Windows Linux Subsystem i.e. exit all the Bash consoles again and start a new console again and try to SSH to your Github Host or other host as configured in SSH config file and it should work without needing any extra steps.
Note:
If you face
Bad owner or permissions on ~/.ssh/config
then update the permissions using the commandchmod 600 ~/.ssh/config
. Reference: https://serverfault.com/a/253314/98910For the above steps to work you will need OpenSSH v 7.2 and newer. If you have older one you can upgrade it using the steps mentioned at https://stackoverflow.com/a/41555393/936494
The same details can be found in the gist Windows 10 Linux Subsystem SSH-agent issues
Thanks.
If the goal is to be able to push to a GitHub repo whenever you want to, then in Windows under C:\Users\tiago\.ssh
where the keys are stored (at least in my case), create a file named config and add the following in it
Host github.com
HostName github.com
User your_user_name
IdentityFile ~/.ssh/your_file_name
Then simply open Git Bash and you'll be able to push without having to manually start the ssh-agent and adding the key.
2013: In a git bash
session, you can add a script to ~/.profile
or ~/.bashrc
(with ~
being usually set to %USERPROFILE%
), in order for said session to launch automatically the ssh-agent
.
If the file doesn't exist, just create it.
This is what GitHub describes in "Working with SSH key passphrases".
The "Auto-launching ssh-agent on Git for Windows" section of that article has a robust script that checks if the agent is running or not.
Below is just a snippet, see the GitHub article for the full solution.
# This is just a snippet. See the article above.
if ! agent_is_running; then
agent_start
ssh-add
elif ! agent_has_keys; then
ssh-add
fi
Other Resources:
"Getting ssh-agent to work with git run from windows command shell" has a similar script, but I'd refer to the GitHub article above primarily, which is more robust and up to date.
hardsetting
adds in the comments (2018):
If you want to enter the passphrase the first time you need it, and not when opening a shell, the cleanest way to me is:
- removing the
ssh-add
from the.bash_profile
, and- adding "
AddKeysToAgent yes
" to your.ssh/config
file (see "How to makessh-agent
automatically add the key on demand?").This way you don't even have to remember running
ssh-add
.
And Tao adds in the comments (2022):
It's worth noting why this script makes particular sense in Windows, vs (for example) the more standard linuxey script noted by @JigneshGohel in another answer:
By not relying on the
SSH_AGENT_PID
at all, this script works across different msys & cygwin environments.
An agent can be started in msys2, and still used ingit bash
, as theSSH_AUTH_SOCK
path can be reached in either environment.
The PID from one environment cannot be queried in the other, so a PID-based approach keeps resetting/creating newssh-agent
processes on each switch.