How to make git not prompt for passphrase for ssh key?
Solution 1
You can run this in git bash, Windows WLS or bash on real GNU/Linux.
eval `ssh-agent -s`
ssh-add ~/.ssh/*_rsa
it will ask for pass phrase in the second command, and that's it. Each additional action you will need to do (which once required pass phrase) won't ask you for the pass phrase (see an example in the screen shot below):
Solution 2
A slightly better and permanent solution is to auto launch the ssh-agent when opening the git bash on windows. You can copy/paste the below in your .profile or .bashrc. I prefer to put it on the .profile
env=~/.ssh/agent.env
agent_load_env () { test -f "$env" && . "$env" >| /dev/null ; }
agent_start () {
(umask 077; ssh-agent >| "$env")
. "$env" >| /dev/null ; }
agent_load_env
# agent_run_state: 0=agent running w/ key; 1=agent w/o key; 2= agent not running
agent_run_state=$(ssh-add -l >| /dev/null 2>&1; echo $?)
if [ ! "$SSH_AUTH_SOCK" ] || [ $agent_run_state = 2 ]; then
agent_start
ssh-add
elif [ "$SSH_AUTH_SOCK" ] && [ $agent_run_state = 1 ]; then
ssh-add
fi
unset env
This solution was taken from this github help article
Solution 3
Im not sure if I want to recommend it, but when you create the Key and asked to set password, just hit enter and skip the password.
Have a look at this link for how to use ssh-keygen
:
https://help.github.com/articles/working-with-ssh-key-passphrases/
Perhaps ssh-agent
can help you somehow. But not sure without knowing your current system.
Solution 4
TDLR: For windows users,
- run
ssh-add "C:\\Users\\<your user>/.ssh/id_rsa"
- not
ssh-add ~/.ssh/id_rsa
For example I see this all the time:
$ ssh-add ~/.ssh/id_rsa
Enter passphrase for /c/Users/User/.ssh/id_rsa:
Identity added: /c/Users/User/.ssh/id_rsa (/c/Users/User/.ssh/id_rsa)
$ git pull
Enter passphrase for key 'C:\Users\User/.ssh/id_rsa':
Note the inconsistent path separators: the ssh-agent converts ~ using Unix path separators, but git uses Windows path separators instead.
Given that the path of the id_rsa
file is used as key, this explains why the cache is missed.
- Another difference is
C:/
instead of/c/
- Related remark: When git asks you for the passphrase, it won't be cached, so you can be entering it there indefinitely. Try passing the phrase to
ssh-add
only. - On Windows, assume that
~
is "multivalued", so it's best to be explicit. ssh-add
looks at default locations like~/.ssh/id_rsa
. On Windows, assume that's ambiguous. Explicitly pass in the explicitly formatted path instead of relying on default paths:ssh-add "C:\\Users\\<your user>/.ssh/id_rsa"
, i.e. in @velval's answer too.
Related videos on Youtube
jcubic
Updated on September 18, 2022Comments
-
jcubic over 1 year
I'm using git bash and I setup ssh key using ssh-keygen and each time I do something with a repo git ask me for passphrase for
/c/Users/jankiewj/.ssh/id_rsa
. Is there a way to disable that passphrase.EDIT: I've edited original title (removed Windows) since I've just used fresh install of Ubuntu on my work laptop and when ssh key have pass phrase it always ask for it and the solution to fix this is the same. This probably work the same on MacOSX that is also Unix and use same basic tools.
-
Admin over 8 yearsThis page on serverfault might help serverfault.com/questions/194567/…
-
jcubic over 8 years@Radoo it didn't help.
-
Mike Lowery almost 4 years
-
jcubic almost 4 years@MikeLowery this looks like PowerShell question and answer. This is about git bash, linux like env for Windows before WSL, but with WSL is the same.
-
-
Black over 5 yearsI have to enter it again, as soon as I close git bash... is there a permanent solution?
-
jcubic over 5 years@Black it's per bash session, I've put this in
.bashrc
so each time I open git bash I get the prompt and for that session I'm all set. -
Black over 5 yearsWhat exactly do you put in .bashrc? And where is .bashrc?
-
Black over 5 yearsEdit: nevermind, You have to create the file yourselv in
~/.bashrc
then enter the lines from your post into it and save, thats it :) thx! -
jcubic about 5 yearsI've put my simple code into
.bashrc
, how your solution different? On Windows bash each shell is independent so agent is never running when you run the shell. -
cbaldan almost 5 yearsLeaving a blank password is insecure and many corporate devs won't be able to have a blank passphrase due to restriction. It's a lame workaround, not a solution for OP issue.
-
Ben Asmussen almost 5 yearsSolution works fine by putting the code into the
.bashrc
. Prompting the ssh passphrase only at the first time. Safed my life. Thank you. -
Richard D almost 5 yearsThis should really be the accepted answer as it presents a solution that is persistent and better meets what I think the OP was asking.
-
Rockin4Life33 almost 5 yearsInstead of using the lines above, especially in the
.bashrc
, I would use a script, and place it in either the.bash_profile
or.profile
. Here is a snippet of the main portion of my.bash_profile
, it should resolve this for anyone still looking for an answer; it's similar to an answer below. At the top of the script I load up my.bashrc
, which if not applicable just leave that out. Note: you will need to change references toid_rsa
to whatever you named your private SSH key, and maybe the path. -
Nils Guillermin over 4 yearsWhat do I do if I accidentally typed the wrong password on startup? Edit: Based on superuser.com/a/271673/647110, you can
ssh-add -D
to delete all keys. -
Det over 4 yearsWhat's with the
eval
? -
jcubic over 4 years@Det
ssh-agent -s
return variables + echo in bash format, like a small script, so you need to execute it, and you need this in current context so$()
will not work. Checkman ssh-agent
for-s
option. -
Kennet Celeste over 4 yearsdefinitely not a good answer
-
Jim P over 4 yearslame perhaps, but for local use only, Tasty and expeditious™
-
Fernando Miguel Carvalho over 4 yearsIt was the only way to solve it on windows 10. After following all the steps of "Generating a new SSH key and adding it to the ssh-agent" github guide, it was always asking me for the passphrase. Even after added it. That behavior was breaking my maven deployment flow because at
mvn release:perform
phase it tries to checkout the release tag without providing the passphrase. So only clearing the passphrase solved this issue. -
br4nnigan about 4 yearsthis only works in git bash
-
jcubic about 4 years@brannigan I use this only on Windows and it work the same in Windows WSL (linux on windows), on GNU/Linux I don't need this at all, but I have ssh key without passphrase, maybe this is the reason. On all the systems I use bash.
-
grunk almost 4 yearsFor those wondering , i had to
touch ~/.profile
into git bash in order to have the file .profile -
user2023861 almost 4 yearsThis solution still requires you to enter your passphrase when you first open git bash, and you have to have git bash open to run git commands. This is not a good permanent solution
-
jcubic almost 3 yearsNOTE That the question is about GIT Bash on Windows and also the accepted answer, so it's still
ssh-add ~/.ssh/id_rsa
(even on Windows). GIT Bash is a unix environment. The same will be in WSL (Windows Subsystem for Linux) so your answer is wrong. -
jcubic almost 3 yearsIf think that you didn't installed GIT Bash properly and installed git tools into cmd.exe, so this is not GIT Bash as in question. Please create another question where you can ask about cmd.exe instead of GIT Bash. This will only confuse people.
-
JBSnorro almost 3 years@jcubic My answer is about Git Bash on Windows too, just like the question and accepted answer. I'm pretty sure that is clear from my answer, but if not, where can I improve?
-
Leftium almost 3 years@user2023861: Slight tweak to method so password prompt only appears as needed: stackoverflow.com/a/59441543/117030
-
Niing over 2 yearsWhy do we need the first step? It only outputs
Agent pid xxxxx
-
jcubic over 2 years@Niing commands can do something that you don't know and print something else. You don't know what that command does. If you want to know for sure, you can read its source code, the program is open source.
-
Niing over 2 years@jcubic: it creates an new agent and prints the id of it :) Thanks I should check things like that.
-
csrowell about 2 yearsFor others who end up here trying to figure out why their script isn't executing when they add it to either
~/.profile
or~/.bashrc
, I found I needed to add it to~/.bash_profile
for it to get picked up and used by Git Bash on Windows. -
Admin almost 2 yearsNot recommended. Then everybody accessing your machine can use the private/public key pair.
-
Admin almost 2 yearsyea.... if everyone who can access your machine can access your files, you have other issues to handle as well...... But still, what you say is correct.