Adding ssh key in WSL permanently

wsl2 ssh-agent

I am relatively new to Linux. Using Ubuntu on WSL2. I added a private key for github with no passphrase using ssh-add. I used it a few times throughout the session but the next day I couldn't connect. When I list all keys using ssh-add -l there aren't any.

Am I supposed to add the key for every session or create an automation for it? Or is this a normal (lack of) persistence behaviour with WSL?


Standard OpenSSH ssh-agent indeed has no persistence. The problem is that it has nowhere to safely store the decrypted keys. (If it stored them on disk, that would be no better than the key files that you already have.)

Only the "OpenSSH for Windows" ssh-agent service in Windows 10 has persistence built-in, but that's a custom feature added by Microsoft, and it works because Windows has a generic OS-level data protection feature – the SSH keys remain encrypted with your login password – which is not universal at all in the Linux/BSD world.

(And similarly, the full version of Ubuntu (with graphical interface) replaces ssh-agent with GNOME Keyring, which is a password storage service (similar to "Credential Manager" in Windows) and automatically loads your SSH keys using the passphrase stored in the Keyring. This probably won't work in WSL2.)

So yes, you're supposed to start ssh-agent and load keys into it every time the computer is started. For example, you can adjust your ~/.profile in WSL-Ubuntu to automatically load keys (you'll still get a passphrase prompt, just won't need to run ssh-add) – there are several posts about doing this.

The GnuPG gpg-agent can be configured to emulate an ssh-agent but with persistence – though it still relies on something else to remember the passphrase across reboots (such as the aforementioned GNOME Keyring), so within WSL it will only save you the need to run ssh-add at most.

There are a few projects on GitHub which bridge all signing requests to an SSH agent that runs outside of WSL, e.g. the Linux 'ssh' thinks it's talking to a Linux ssh-agent but it's really talking either to the Windows ssh-agent, or even to PuTTY's Pageant.

Related

How do I remap cap lock to make other keys act different?
Why I can not find shared folder in my pc?
How do I stop Ubuntu from intercepting the super key when running VMware?
Maya Calendar from Elementary OS on Ubuntu
How can I easily install missing hplip dependencies?
How to create workspaces in Ubuntu 20.04 [duplicate]
Manage passwords in Chromium --> security risk?
Is there a way to use JAVA on Ubuntu after FF stopped NPAPI support?
How do I set the hotkey Print to Rectangular Region in Spectacle?
Update Manager says 'Not all updates can be installed'
Playing Sound with Ubuntu QML Toolkit preview
How can I "Turn On" Chrome remote desktop in Ubuntu 20.04?