I needed to run git natively in windows (no wsl) for a recent project. I use ssh certificates with passphrases to authenticate with my git provider.
Ssh requires the certificate passphrase every time you use a connection. It's annoying typing this passphrase in to terminal when using a git
command.
The Problem
On most *nix systems there is an ssh-agent installed that will store your pass phrases so you don't have to enter them when using Git with ssh.
Ssh-agent is harder to configure on windows because some of the default settings and paths are different to *nix systems.
I didn’t want to use Git for Windows because it uses GitBash. I couldn’t use WSL because I wanted git to work on any terminal in windows.
These are the steps I had to research to use Git on Windows with the built in Windows ssh-agent.
Note: You must be an administrator to perform the required actions.
Open ssl on Windows
If you use Windows 10 or higher there is a built-in openssl instance. You can turn it on in the Optional Features settings pane.
Microsoft provide more instructions here: https://learn.microsoft.com/en-us/windows-server/administration/openssh/openssh_install_firstuse?tabs=gui
Follow the instructions to install it if you don’t have it.
A note on certificates
I’ll assume that you have ssh certificates available and any ssh aliases are set in the config file
The default location for the config file on windows is
$HOME\.ssh\config
You should create that file if you need ssh aliases. You can read more about this in my article on ssh for git accounts - https://www.darraghoriordan.com/2021/05/04/configure-multiple-github-accounts-one-computer/
Enabling Ssh agent
Open a powershell terminal as administrator and run the following to have ssh-agent available.
# Have ssh agent start automatically
Get-Service ssh-agent | Set-Service -StartupType Automatic
# Start ssh agent now
Start-Service ssh-agent
# Should work successfully
Get-Service ssh-agent
Configure git to use Windows ssh
# tell git to use ssh.exe
git config --global core.sshCommand "'C:\Windows\System32\OpenSSH\ssh.exe'"
Load keys into ssh agent
Copy your keys into a folder that ssh-agent can access. Anywhere in the $HOME/.ssh
should be ok.
Then add the key to ssh-agent. You will be prompted for a password and ssh agent will remember it for you.
ssh-add "C:\Users\darragh\.ssh\authorized_keys\darraghPersonalGithub"
Top comments (3)
I don't think you're making it clear why you'd want to run the SSH Agent rather than just an SSH Client.
Thanks for the feedback! I updated the intro and added a "The Problem" section to describe storing passphrases
Ah, well that now makes it even more interesting. Even though the place where I use Windows 10 is also where I don't have admin for it, I wasn't aware that the agent "will store your pass phrases" in any way. I had just assumed the agent was about providing an ability to be the non-initiator of an SSH connection.