How to maintain ssh-agent login session with Windows 10's new OpenSSH and PowerShell
You must configure the OpenSSH Authentication Agent service to start automatically (or you can start it manually every time you open PowerShell for the first time: Start-Service ssh-agent).
After that, you need to ssh-add C:\path\to\your\ssh\key\id_rsa only once. After that, every time the ssh-agent is started, the key will be there. You can check with ssh-add -l.
EDIT: To have the SSH agent start automatically with Windows, you can run Set-Service ssh-agent -StartupType Automatic on a super-user PowerShell prompt.
Not a full answer, but still a solution to the problem that brought me here. (I also see a comment from one other person here that seems to be the same problem.)
If you have Git for Windows or MinGW or anything else which might add GNU utilities to your Windows path, that can interfere with the OpenSSH for Windows binaries. For me, I had to remove ProgramFiles/Git/bin from my PATH environment variable and then restart PowerShell in order to get this to work. Prior to that I was getting "communication with agent failed".
In addition to what's covered here, I ran into an issue getting it to work with Git because apparently Git uses its own SSH executable by default. To solve this, you need to set core.sshCommand in your Git config to point to the OpenSSH executable installed by Windows. This article is where I found the solution, and it covers all the steps of the process of setting up SSH in Windows: https://richardballard.co.uk/ssh-keys-on-windows-10/.
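The three answers above (service startup, PATH shadowing by Git's GNU utilities, and core.sshCommand) can be checked in one pass. The script below is an added example, not part of any of the posts; it assumes Windows OpenSSH is installed in its default location under System32\OpenSSH and that step 1 runs from an elevated prompt if the startup type has to be changed.

```powershell
# Added example (not from the original posts).
# Assumption: Windows OpenSSH is in its default install directory.
$winSsh = Join-Path $env:SystemRoot 'System32\OpenSSH'

# 1. The agent service must start automatically and be running.
$svc = Get-Service -Name ssh-agent -ErrorAction Stop
if ($svc.StartType -ne 'Automatic') {
    Set-Service -Name ssh-agent -StartupType Automatic   # requires elevation
}
if ($svc.Status -ne 'Running') {
    Start-Service -Name ssh-agent
}

# 2. The first ssh / ssh-add found on PATH must be the Windows binaries.
#    A copy from Git for Windows or MinGW earlier in PATH cannot talk to
#    the Windows agent service ("communication with agent failed").
foreach ($tool in 'ssh.exe', 'ssh-add.exe') {
    $hits = @(Get-Command $tool -All -CommandType Application -ErrorAction SilentlyContinue)
    if ($hits.Count -eq 0) {
        Write-Warning "$tool was not found on PATH"
        continue
    }
    $first = $hits[0].Source
    if (-not $first.StartsWith($winSsh, [StringComparison]::OrdinalIgnoreCase)) {
        Write-Warning "$tool resolves to '$first' before the Windows OpenSSH copy"
    }
}

# 3. Git must be told to use the Windows ssh.exe instead of its bundled one.
if (Get-Command git -ErrorAction SilentlyContinue) {
    $want = (Join-Path $winSsh 'ssh.exe') -replace '\\', '/'
    $have = git config --global --get core.sshCommand
    if ($have -ne $want) {
        git config --global core.sshCommand $want
        Write-Host "core.sshCommand set to $want"
    }
} else {
    Write-Warning 'git was not found on PATH; core.sshCommand not checked'
}

# 4. List the keys the agent currently holds, using the Windows ssh-add explicitly.
& (Join-Path $winSsh 'ssh-add.exe') -l
```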
I knew it was advised against (partly due to this blog post: http://rabexc.org/posts/pitfalls-of-ssh-agents) - which is what made me get Keychain for Ubuntu.
In light of this argument I must warn you against using ssh-agent from the PowerShell port of openssh as it silently uses on-disk storage of your keys in the Registry. See my own question (and answer) where-does-windows-openssh-ssh-agent-service-secretly-store-private-keys for a full explanation.
Essentially there are 3 problems with it:
- It stores secret keys ON DISK - never use in a shared or guest situation
- (traces of) Secret keys remain ON DISK after deletion
- PowerShell implementation does not conform to the openssh manual page ssh-agent.1 in key aspects of security.