How do I tell Git for Windows where to find my private RSA key?
Solution 1
For Git Bash
If you are running msysgit (I am assuming you are) and are looking to run Git Bash (I recommend it over TortoiseGit, but I lean to the CLI more than GUI now), you need to figure out what your home directory is for Git Bash by starting it then type pwd
(On Windows 7, it will be something like C:\Users\phsr
I think). While you're in Git Bash, you should mkdir .ssh
.
After you have the home directory, and a .ssh
folder under that, you want to open PuTTYgen and open the key (.ppk file) you have previously created. Once your key is open, you want to select Conversions -> Export OpenSSH key
and save it to HOME\.ssh\id_rsa
. After you have the key at that location, Git Bash will recognize the key and use it.
Note: Comments indicate that this doesn't work in all cases. You may need to copy the OpenSSH key to Program Files\Git\.ssh\id_rsa
(or Program Files (x86)\Git\.ssh\id_rsa
).
For TortoiseGit
When using TortoiseGit, you need to set the SSH key via pacey's directions. You need to do that for every repository you are using TortoiseGit with.
Solution 2
Using the built-in SSH client shipped with Git for Windows, you need to set up the HOME environment variable so that the Git SSH client can find the key.
For example, on a Windows Vista installation, this would be done by issuing setx HOME c:\Users\admin\
on the command line.
It made my day and fixed the issue with Git provided that your private key is not password protected. If you want to use ssh-agent, then you can probably run ssh-agent cmd.exe (although I've never done that) and the ssh-add as usual.
Note that all Git/SSH tools are supposed to be run from a cmd.exe in order not to blink a window.
If this does not work correctly, using plink can probably be achieved by tweaking GIT_SSH. Refer to all the SVN + ssh tutorials; this is basically the same plumbing you need to setup.
Solution 3
You can specify the key location for TortoiseGit the following way:
- Open an Explorer Window.
- Open the Contextmenu and navigate TortoiseGit → Settings
- In the now opened window, navigate to Git → Remote
- Set the path to your PuTTY key in the corresponding input box.
A screenshot is below:
Solution 4
None of the previous answers worked for me. Here was what worked for me in the end. It is actually fairly simple, if you know what to type. It doesn't need PuTTY.
- Open a Git Bash prompt
- Type 'ssh-keygen'
- Accept the default location
- Choose a blank passphrase (so just press 'enter' to all questions')
- Now copy the public key to your server, for example: scp ~/.ssh/id_rsa.pub [email protected]:~
That's the bit on your own computer done. Now ssh
into the destination server, then do
mkdir -p ~/.ssh
cd ~/.ssh
cat ../id_rsa.pub >> authorized_keys
rm ../id_rsa.pub
That's it! You're done! From Git Bash, do the following to test:
ssh [email protected] ls
If it lists the files in your home directory on the Git server, and then you're done!
For GitHub, you don't have shell access to their server, but you can upload the key using their website, so for the bit 'now copy to your server', do:
- In Git Bash, type 'cat ~/.ssh/id_rsa.pub', select the result, and copy it to the clipboard.
- On the GitHub website, go to 'Account settings', 'SSH and GPG keys', click 'New SSH key', and paste the key.
Solution 5
If you're using msysgit with the OpenSSH tools, you need to either create ~/.ssh/id_rsa
, or create a Git configuration in ~/.ssh/config
which points to your key.
Here's an example of a Git configuration for Bitbucket that will use the correct username, and a key other than the default key (in case you maintain one key for SSH connections, and another for Git accounts).
~/.ssh/config:
Host bitbucket.org
Hostname bitbucket.org
User git
IdentityFile /C/keys/yourkey.key
Once in Git Bash, you can run two commands to add your key to your current session's ssh-agent to avoid having to repeatedly type the key's password.
eval `ssh-agent`
ssh-add /C/keys/yourkey.key
binaryorganic
I'm a Web Designer, SEO & Standards Consultant from Cleveland, Ohio.
Updated on September 17, 2022Comments
-
binaryorganic over 1 year
My Git setup runs fine on Linux, but when I try to set things up under Windows (using Git for Windows and TortoiseGit), I don't know where to put my private SSH key (or, better still, how to tell
ssh
where it's located). I'm using the standard ssh.exe option during installation of Git for Windows. The setup runs fine if I allow password authentication (in lieu of RSA) on the server.-
Admin over 13 yearsI have the same problem, I can ssh into my dev box using a public key as "root" using the "Git Bash" program that is installed with "Git For Windows" but I can't log in as "git" with my key even though I have copied my "authorized_keys" file from my "root" to my "git" user and set the owners and permissions correctly. Why can't I login as "git" when "root" works with the exact same "authorized_keys" file. Instead for "git" it passes up all the private keys, which are the exact same that work with "root" and asks for a password. This is a Centos 5.5 server by the way.
-
Dan McClain over 13 years@fuzzy lollipop: Do you have the right permissions on your git user's authorized_keys file? It should be chmod 600, and should be owned by the git user. If it's owned by the root user, it wont work
-
Admin over 13 yearsyes all the files and directories are the correct owners and permissions
-
-
binaryorganic over 13 yearsI stated above that I'm using Git for Windows and am using ssh.exe (packaged w/ git) in lieu of putty. There must be some standard practice for adding a private key, I just can't seem to find out how. While switching software may indeed allow me to log in, there has to be a way to do it with the standard Git setup, no?
-
Declan Shanaghy over 13 yearsSorry i dont work on windows, only linux. But the key does have to be in your SSH agent. is there an agent.exe or something along those lines?
-
binaryorganic over 13 yearsYeah, setup was cake on the linux side. But I've got to have it working on Windows too unfortunately. There are several ssh-related executable files in the git/bin folder on the Windows box (ssh, ssh-add, ssh-agent, ssh-keygen & ssh-keyscan), but I don't know how to make any of them do anything. They just blink a cmd window open and close right away. I'm stumped.
-
dev over 12 yearspacey's instructions for tortoisegit won't work until you have the repository (because the 'remote' configuration setting doesn't appear unless you act on a repo), and you probably can't get the repository in the first place if you can't authenticate yourself in order to clone from the origin. Tricky!
-
Corvo Attano about 12 yearsThis is what I was looking for since I'm trying to use the Windows command prompt, not git bash.
-
thaddeusmt about 12 yearsNice, easy fix but it would have been hard to figure out without this!
-
Lutz about 12 yearsImportant is as well to have no blanks between HOME = and c:\... Oct's solution did the trick for me. :-)
-
JP. almost 12 yearsWith GitBash I found I had to copy my
~/.ssh/id_rsa
file toProgram Files\Git\.ssh\id_rsa
- which was a little confusing, but now IntelliJ and Windows cmd can push to git repositories that use key authentication. -
Owen Blacker almost 12 yearsPageant does indeed solve the problem for me -- I have a shortcut in my Start Menu's Startup folder (
C:\Users\owen.blacker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
) pointing to"C:\Program Files (x86)\PuTTY\pageant.exe" "C:\Users\owen.blacker\Documents\SSH\OwenBlackerPersonal.ppk" "C:\Users\owen.blacker\Documents\SSH\OwenBlackerWork.ppk"
, so that it loads my SSH keys on startup and this makes GIT "just work" :o) -
user1227502 almost 12 yearsLikewise. I just installed git-for-windows, I am running it from cmd.exe. I needed to put the files
id_rsa
andid_rsa.pub
intoc:\program files (x86)\Git\.ssh
. The.ssh
dir was already present. Thanks, JP. -
samsamuel over 11 yearsSecond paragraph was golden. :)
-
Zlatko over 11 yearsMe too, other answers made git ask me for key passphrase.
-
Damon over 11 yearsso I should be calling the key itself id_rsa with no extension, or putting it inside that folder?
-
ingh.am over 11 yearsExcellent answer ;)
-
ton.yeung over 11 yearsdoesn't work with github since they don't allow shell access
-
Jake Berger about 11 yearsthis answer did NOT work for me. Hugh's answer did.
-
GregB about 11 yearsDon't create keys without passphrases. It's like putting your password in a text file, except that everyone knows the default location for private keys.
-
Danny Staple about 11 yearsWorth noting - if you have spaces in your home (if you are using win XP/server 2003 you will), then you should prefix the path with a single quote. Bizarrely - if you end it with a quote that will be in the variable...
-
dingyaguang117 about 11 yearsYou're answering the wrong question. The Q is how to point to an existing private key.
-
Hugh Perkins almost 11 years@GregB, I look at it like this: any server for which I create a password-less key is as secure as my laptop, it's an extension of the security perimeter of my laptop. Actually, not even, since my home directory is encrypted ;-) So, it's as secure as the encrypted home partition on my laptop, which is 'good enough' for securing access to github, in my opinion. (which may vary from your opinion of course!)
-
Sarah Vessels almost 11 yearsI did this but for github.com: Host github.com IdentityFile ~/.ssh/github_rsa
-
Dickon Reed almost 11 yearsIf msysgit detects PuTTY saved sessions it will by default use PuTTY's plink instead of ssh, so you need to set up your keys using PuTTY instead.
-
Spechal over 10 yearsFollowing the link you provided I was able to get my Jenkins setup. I needed to set the HOME environment variable to the Git program path which held the .ssh directory I created my SSH key in.
-
igor over 10 yearsIn my case I've added HOME = %USERPROFILE%
-
trejder over 10 yearsThe
setx HOME c:\Users\admin` command doesn't seems to be working in Git Bash. You have to use
cmd` instead. -
trejder over 10 years@GregB Don't fall down into paranoia! :] Sure, that using password-protected keys is much more secure, than using password-less, but claiming that password-less key is as easy to break as storing passwords in a text file is an obvious false. I've seen many guides, that encourage users to use password-protected keys, but I have never seen any claiming, that using them without passwords is not secure at all. Plus: some systems doesn't support solutions for remembering key's password, entered by users, and asks for it, each time key is used. Which makes using SSH keys pointless in this situation.
-
trejder over 10 years@OwenBlacker OMFG! You definitely should write this comment as a full-size answer! This is the only solution here, that actually helped me and solved my problem! Pity, that I can give you only +1! :]
-
GregB over 10 yearsFor the sake of the conversation, which has deviated from the original question, SSH keys are certainly more cryptographically secure than passwords, but that security is put at risk by not encrypting your SSH keys. My personal approach is to unlock my keys at the beginning of the day using an SSH agent, which then keeps the decrypted keys in memory so that I don't need to re-enter the password throughout the day. As @Hugh Perkins comments, and I'm paraphrasing, you all know your security requirements better than I/we do :).
-
Tariq M Nasim over 10 yearsAdditionally if you need to convert your private key into '.ppk' format from other format you can follow THIS
-
bumperbox over 10 yearsI used "env" command in gitbash and looked for the HOMEPATH. That is where I found my .ssh folder
-
Simon East almost 10 yearsI think you need several other settings correct for this to work (such as GIT_SSH set to TortoisePLink.exe I think?), and although it has worked for me in the past, I often get problems with it on other machines. :-(
-
roeland almost 10 yearsIf you have a space in your path you have to use quotes: IdentityFile "/C/My Keys/key"
-
Scoop over 9 yearsthis. ughhhhhhhhhhhhh. good bye 2 hours
-
DaveGauer about 9 yearsThis absolutely solves the problem and allows you to store your keys where ever you would like.
-
DaveGauer about 9 yearsThis was the simplest solution on my Win7 machine. Like you, I searched for
known_hosts
. Sure enough, it was inC:\Users\Dave\AppData\Local\VirtualStore\Program Files (x86)\Git\.ssh
. By placing my key file (id_rsa) in that directory, ssh was able to find it without complaint. I did a little reading - this is how Windows handles (legacy) software attempting to write to forbidden areas (such as "C:\Program Files\"), so Git's ssh is completely unaware that it is writing to the VirtualStore directory, Windows is handling that transparently. At least these files belong to a user! -
Steve Pitchers almost 9 yearsGit > Remote only appears once you've successfully cloned the repository.
-
ibgib almost 9 yearsWindows 10 laziest method: type '%USERPROFILE%' in the path bar (gotten from git-scm.com/book/en/v1/Getting-Started-First-Time-Git-Setup)
-
JonE over 8 yearsThis is so helpful. Thanks for solving something that used to work perfectly and then just died
-
patryk.beza over 8 yearsWhat if I want to add multiple keys which names differ from
id_rsa
? -
Daniel Rose over 8 yearsA much easier solution is to set everything up working properly in git (using openSSH), and then tell TortoiseGit to use the ssh.exe used by git. See stackoverflow.com/a/33328628/318317 That way, you only need to fix this once.
-
Graeme Perrow about 8 yearsNote that
%HOMEPATH%
does not contain the drive letter, so if your source is not onC:
you need to prependC:
to%HOME%
. -
hiroshi about 8 yearsYeah it is very annoying. It is natural and easy to clone a repo with github for windows GUI, but when use git cui outside of git shell failed. I wonder how the git command in the git shell works with https url...
-
Brig about 8 yearsuse
ssh -v [email protected]
to see what files your ssh is trying to use -
nmz787 about 8 yearsfor SSH is the prefix always
git@{SERVER URL}
? -
IDisposable about 8 yearsYes, as far as I've ever seen :)
-
sipher_z over 7 years@Brig
'ssh' is not recognized as an internal or external command...
-
CaffeineAddiction about 7 years@GregB "SSH keys are certainly more cryptographically secure than passwords" this is not always the case ... a 64 character password consisting of randomized characters 0-f (hex) is apparently more secure than a 4096 bit RSA key
-
rob about 7 yearsIt is perfectly reasonable to make suggestions like this as comments. But as the question explicitly requests git for windows you should expect down votes for posting this as an answer.
-
Xenos almost 7 years@JP. For my part, I had to put my already-generated keys to
C:\Users\xxxx\.ssh
to use them inGit GUI 0.21.GITGUI
andgit v2.13.0.windows-1
-
Kirill Husiatyn almost 7 yearsI prefer this way, because this allowed me fast connect existed keys from other PC
-
Ian Grainger almost 7 years@OwenBlacker I get an error 'unable to open the file' when trying to use Pageant :(
-
Ian Grainger almost 7 yearsI get 'Unable to open the file' from Pageant :( Which I know is set up correctly as I'm using it for TortoiseGit :(
-
Ian Grainger almost 7 yearsAlready had this - still asks me all the time
-
Micah Zoltu over 6 yearsFor future readers,
%USERPROFILE% is the equivalent of $HOME
is not the equivalent of$HOME
. A lot of bad acting Linux apps ported to Windows treat t the two the same e but they should not be treated the same. -
Eric Blade over 6 yearsMicah, can you inform the differences in intent for that? Also, even with different intent, it would seem that if all the tools use one as the other, then doesn't it effectively become equivalent?
-
Micah Zoltu over 6 yearsTools that use
%USERPROFILE%
on Windows in the same way as$HOME
on Linux are violating well documented best practices/recommendations for Windows development (published by MS long ago and updated over time). There are many tools that do this, but the argument to follow them is much like the argument "X pees in the pool, so we should too."USERPROFILE
is where the user stores documents they create/save (e.g., save dialog).APPDATA
is for per-user configuration data.LOCALAPPDATA
is for per-user caches and large files.PROGRAMDATA
is for machine-wide configuration and cache. -
Micah Zoltu over 6 yearsIn general, the only tools that misbehave with USERPROFILE are tools written by Linux developers and then ported to Windows. As a developer, you probably use a lot of these so it feels like "everyone is doing it" but outside of the development tooling ecosystem most Windows applications actually are good citizens. Even Microsoft sometimes makes the mistake of not putting things in the right place (they are a huge company), though in general when you point it out to them they make an effort to resolve the problem and follow OS guidelines.
-
Micah Zoltu over 6 years(sorry, StackExchange character limits on comments). Here is more details about the folders and a brief description of what goes in each. There are other resources as well, including more consumable blog posts, but this one offers the most technical accuracy: technet.microsoft.com/en-us/library/cc749104(v=ws.10).aspx
-
Mireodon over 6 yearsThe question was specifically about windows. I have git on my Ubuntu machine working like this, but I can't tell what to set
GIT_SSH_COMMAND
to on my Windows machine. -
Matthew Wetmore over 6 yearsWelcome to Server Fault. This question already has a widely accepted answer accepted several years ago. Keep looking for newer questions or those that can be significantly improved.
-
Nikita Bosik over 6 yearsIf disabled, check
Settings... -> Network -> SSH client
is set toC:\Program Files\TortoiseGit\bin\TortoiseGitPlink.exe
-
Michael Russo over 6 yearsThis helped, but for anyone who's using an id_dsa key, you'll also need to add "PubkeyAcceptedKeyTypes ssh-dss" under your host.
-
Aaron Mason over 6 years
set HOME=%USERPROFILE%
fixed the issue for me, using Windows CMD. -
Colin over 6 yearsAlso keep in mind that if you don't specify the user in the git url, git will use your Windows user name rather than the one you might have on your nix/mac machine (doh)
-
Mark about 6 yearsThis accepted solution disregards the question asked, and the current addendum about moving SSH keys under
Program Files
is not viable for anyone with a multi-user machine. -
Matt over 5 yearsWish I would have found this days ago. :( Works!
-
pangyuteng over 5 years
set %HOME%=%HOMEPATH%
worked for me! Thank you!! -
Rainb almost 4 yearsthis is not the answer to the question
-
Rainb almost 4 yearsOH MY GOD THIS WORKED FOR ME WHEN NO PREVIOUS ANSWERS WORKED!
-
Rainb almost 4 yearsA comment with not so many upvotes saved me, the top voted comments don't even solve anything
-
user4015990 over 2 yearsThank you. This saved my day.
-
twig over 2 yearsFinally got around to fixing this issue with msysgit/Git Bash and this answer solved it for me. Exporting the
id_rsa
file to%USERPROFILE%\.ssh\id_rsa
worked immediately. -
maja over 2 yearsthis answer helped me solve a very peculiar issue where the encryption algorithm of my key wasn't supported by one of the operating systems I was using
-
PythoNic over 2 yearsAdding to @trejder: you can use
echo $HOME
instead of the unreliablepwd
-
PythoNic over 2 yearsi was asked for user + password even after this explaination. I had to change the <repo>/.git/config File. Remote origin needed
[email protected]:...
instead ofurl=https://gitlab.com...
(continue the ... according to your project, host or whatever) -
Admin almost 2 yearsto cope with the fact that
%HOMEPATH%
is not a full path, use: 1. via command-line,setx HOME %HOMEDRIVE%%HOMEPATH%
; 2. via Control Panel, in step 7 above use%HOMEDRIVE%%HOMEPATH%
.