.ssh/config file for windows (git)
If you use "Git for Windows"
>cd c:\Program Files\Git\etc\ssh\
add to ssh_config following:
AddKeysToAgent yes
IdentityFile ~/.ssh/id_rsa
IdentityFile ~/.ssh/id_rsa_test
ps. you need ssh version >= 7.2 (date of release 2016-02-28)
These instructions work fine in Linux. In Windows, they are not working for me today.
I found an answer that helps for me, maybe this will help OP. I kissed a lot of frogs trying to solve this. You need to add your new non-standard-named key file with "ssh-add"! Here's instruction for the magic bullet: Generating a new SSH key and adding it to the ssh-agent. Once you know the magic search terms are "add key with ssh-add in windows" you find plenty of other links.
If I were using Windows often, I'd find some way to make this permanent. https://github.com/raeesbhatti/ssh-agent-helper.
The ssh key agent looks for default "id_rsa" and other keys it knows about. The key you create with a non-standard name must be added to the ssh key agent.
First, I start the key agent in the Git BASH shell:
$ eval $(ssh-agent -s)
Agent pid 6276
$ ssh-add ~/.ssh/Paul_Johnson-windowsvm-20180318
Enter passphrase for /c/Users/pauljohn32/.ssh/Paul_Johnson-windowsvm-20180318:
Identity added: /c/Users/pauljohn32/.ssh/Paul_Johnson-windowsvm-20180318 (/c/Users/pauljohn32/.ssh/Paul_Johnson-windowsvm-20180318)
Then I change to the directory where I want to clone the repo
$ cd ~/Documents/GIT/
$ git clone [email protected]:test/spr2018.git
Cloning into 'spr2018'...
remote: Counting objects: 3, done.
remote: Compressing objects: 100% (2/2), done.
remote: Total 3 (delta 0), reused 0 (delta 0)
Receiving objects: 100% (3/3), done.
I fought with this for a long long time.
Here are other things I tried along the way
At first I was certain it is because of file and folder permissions. On Linux, I have seen .ssh settings rejected if the folder is not set at 700. Windows has 711. In Windows, I cannot find any way to make permissions 700.
After fighting with that, I think it must not be the problem. Here's why. If the key is named "id_rsa" then git works! Git is able to connect to server. However, if I name the key file something else, and fix the config file in a consistent way, no matter what, then git fails to connect. That makes me think permissions are not the problem.
A thing you can do to debug this problem is to watch verbose output from ssh commands using the configured key.
In the git bash shell, run this
$ ssh -T git@name-of-your-server
Note, the user name should be "git" here. If your key is set up and the config file is found, you see this, as I just tested in my Linux system:
$ ssh -T [email protected]
Welcome to GitLab, Paul E. Johnson!
On the other hand, in Windows I have same trouble you do before applying "ssh-add". It wants git's password, which is always a fail.
$ ssh -T [email protected]
[email protected]'s password:
Again, If i manually copy my key to "id_rsa" and "id_rsa.pub", then this works fine. After running ssh-add, observe the victory in Windows Git BASH:
$ ssh -T [email protected]
Welcome to GitLab, Paul E. Johnson!
You would hear the sound of me dancing with joy if you were here.
To figure out what was going wrong, you can I run 'ssh' with "-Tvv"
In Linux, I see this when it succeeds:
debug1: Offering RSA public key: pauljohn@pols124
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug2: input_userauth_pk_ok: fp SHA256:bCoIWSXE5fkOID4Kj9Axt2UOVsRZz9JW91RQDUoasVo
debug1: Authentication succeeded (publickey).
In Windows, when this fails, I see it looking for default names:
debug1: Found key in /c/Users/pauljohn32/.ssh/known_hosts:1
debug2: set_newkeys: mode 1
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 4294967296 blocks
debug2: key: /c/Users/pauljohn32/.ssh/id_rsa (0x0)
debug2: key: /c/Users/pauljohn32/.ssh/id_dsa (0x0)
debug2: key: /c/Users/pauljohn32/.ssh/id_ecdsa (0x0)
debug2: key: /c/Users/pauljohn32/.ssh/id_ed25519 (0x0)
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: publickey
debug1: Trying private key: /c/Users/pauljohn32/.ssh/id_rsa
debug1: Trying private key: /c/Users/pauljohn32/.ssh/id_dsa
debug1: Trying private key: /c/Users/pauljohn32/.ssh/id_ecdsa
debug1: Trying private key: /c/Users/pauljohn32/.ssh/id_ed25519
debug2: we did not send a packet, disable method
debug1: Next authentication method: password
[email protected]'s password:
That was the hint I needed, it says it finds my ~/.ssh/config file but never tries the key I want it to try.
I only use Windows once in a long while and it is frustrating. Maybe the people who use Windows all the time fix this and forget it.
You can use multiple ssh keys on Windows 10 and specify the type of access allowed.
Assuming you have created the ssh secure keys already and they were stored in C:\Users\[User]\.ssh
Open the folder
C:\Users\[User]\.ssh
Create the file
config
(no file extension)Open the file in a text editor like Notepad, and add these configuration details for the first remote host and user. Keep both CMD and BASH paths or only pick one format. Then copy-and-paste below it for the other host/user combinations and amend as required. Save the file.
Host [git.domain.com] User [user] Port [number] IdentitiesOnly=yes PreferredAuthentications publickey PasswordAuthentication no # CMD IdentityFile C:\Users\[User]\.ssh\[name_of_PRIVATE_key_file] # BASH IdentityFile /c/Users/[User]/.ssh/[name_of_PRIVATE_key_file]
Testing
- Using Bash (Git for Windows)
$ ssh -T git@[git.domain.com] Welcome to GitLab, @[User]!
- Using Commandline (requires activation of Win 10 OpenSSH Client)
C:\Users\[User]>ssh -T git@[git.domain.com] Welcome to GitLab, @[User]!
- For troubleshooting use
ssh -Tv git@[git.domain.com]
(or-Tvv
or-Tvvv
for higher verbosity levels).