Use ssh-agent on Windows

ssh-agent is the part of OpenSSH that sets up an agent. An agent is a piece of software that stores private keys in memory and eases agent forwarding. It is a requirement for painless SSH operations.

Mark A. Hershberger explains here a popular way to configure ssh-agent on UNIX systems.

When you launch the agent for the first time (for example at boot time), it stores its PID and socket file in environment variables (SSH_AGENT_PID and SSH_AUTH_SOCK). The goal of the game is to set these environment variables in every session you launch.
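
A sketch of that approach for a bash or Cygwin shell profile, added here as an example; it is not code from the linked post or from this blog's patch. The file location ~/.ssh/agent.env and the function names are assumptions. The saved file is validated before it is sourced, because sourcing executes whatever the file contains.

```shell
# Added example (not from the original post): share one ssh-agent between shells.
# Assumption: the agent's variables are saved in ~/.ssh/agent.env.
AGENT_ENV="${AGENT_ENV:-$HOME/.ssh/agent.env}"

# Sourcing a file runs whatever it contains, so accept it only if every line
# has the exact shape that `ssh-agent -s` prints.
agent_env_is_valid() {
    [ -f "$1" ] && [ ! -L "$1" ] && [ -s "$1" ] || return 1
    ! grep -Evq '^(SSH_AUTH_SOCK=[A-Za-z0-9_./-]+; export SSH_AUTH_SOCK;|SSH_AGENT_PID=[0-9]+; export SSH_AGENT_PID;|echo Agent pid [0-9]+;)$' "$1"
}

# Import SSH_AUTH_SOCK and SSH_AGENT_PID into the current shell.
load_agent_env() {
    agent_env_is_valid "$1" || return 1
    . "$1" >/dev/null
}

# `ssh-add -l` exits 0 (keys listed) or 1 (no keys) when an agent answers,
# and 2 when it cannot connect to one.
agent_is_alive() {
    [ -n "${SSH_AUTH_SOCK:-}" ] || return 1
    rc=0
    ssh-add -l >/dev/null 2>&1 || rc=$?
    [ "$rc" -eq 0 ] || [ "$rc" -eq 1 ]
}

# Reuse the saved agent if it still answers; otherwise start a new one and
# save its variables in a file only the owner can read.
ensure_agent() {
    load_agent_env "$AGENT_ENV" || true
    agent_is_alive && return 0
    rm -f "$AGENT_ENV"
    ( umask 077; ssh-agent -s > "$AGENT_ENV" ) || return 1
    load_agent_env "$AGENT_ENV"
}

# In ~/.bashrc (or the Cygwin equivalent), call: ensure_agent
```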

On Windows systems, well… either you use only your Cygwin terminal, or you script something usable from Windows console or PowerShell sessions. But then you won’t be able to access your agent from most GUI applications that use SSH (some, like ActiveState Komodo, let you tweak environment variables).

When PuTTY utilities aren’t enough — The ControlMaster story.

At the time of writing, the popular way in the Windows GUI SSH world is to use the PuTTY products Pageant and plink. That’s fine and works very well, with one caveat: you can’t use ControlMaster.

ControlMaster is an OpenSSH feature that multiplexes SSH connections. If you have an open master SSH connection to server X, you can get a new connection to X without authenticating again. This greatly speeds up operations like saving a file or launching a version control or debug command (my main use scenario: when I’m writing OS-dependent PHP code, I like to test it on Windows and FreeBSD). On my workstation, ssh server hostname with ControlMaster is instantaneous; plink server hostname requires 2 seconds.

A patch: ssh-agent -x

So, to give my fellow Cygwin OpenSSH users the ability to also use scp and ssh with a universally available agent, I prepared this patch for ssh-agent.c, which adds a new -x parameter.

This patch applies against the portable OpenSSH version.

To compile OpenSSH on Cygwin you need autoconf and zlib.

Once recompiled with this patch, launch your agent once and for all:
ssh-agent -x
ssh-add [path to key if not in .ssh/]

And enjoy it until your next shutdown or logout.

Alternatives

  • An alternative, though not consensual, solution is win-ssh-agent, a GUI wrapper written by TAGA Nayuta.
  • Launch GUI software from a shell that has the environment variables set, so that the environment propagates to it, as explained above in this blog post or here.
  • If you use both PuTTY and OpenSSH, you’ll find ssh-pageant from Josh Stone interesting.
