How to make git not prompt for passphrase for ssh key?

ssh git ssh-keys git-bash

102,944

Solution 1

You can run this in git bash, Windows WLS or bash on real GNU/Linux.

eval `ssh-agent -s`
ssh-add ~/.ssh/*_rsa

it will ask for pass phrase in the second command, and that's it. Each additional action you will need to do (which once required pass phrase) won't ask you for the pass phrase (see an example in the screen shot below):

Solution 2

A slightly better and permanent solution is to auto launch the ssh-agent when opening the git bash on windows. You can copy/paste the below in your .profile or .bashrc. I prefer to put it on the .profile

env=~/.ssh/agent.env

agent_load_env () { test -f "$env" && . "$env" >| /dev/null ; }

agent_start () {
    (umask 077; ssh-agent >| "$env")
    . "$env" >| /dev/null ; }

agent_load_env

# agent_run_state: 0=agent running w/ key; 1=agent w/o key; 2= agent not running
agent_run_state=$(ssh-add -l >| /dev/null 2>&1; echo $?)

if [ ! "$SSH_AUTH_SOCK" ] || [ $agent_run_state = 2 ]; then
    agent_start
    ssh-add
elif [ "$SSH_AUTH_SOCK" ] && [ $agent_run_state = 1 ]; then
    ssh-add
fi

unset env

This solution was taken from this github help article

Solution 3

Im not sure if I want to recommend it, but when you create the Key and asked to set password, just hit enter and skip the password.

Have a look at this link for how to use ssh-keygen: https://help.github.com/articles/working-with-ssh-key-passphrases/

Perhaps ssh-agent can help you somehow. But not sure without knowing your current system.

Solution 4

TDLR: For windows users,

run ssh-add "C:\\Users\\<your user>/.ssh/id_rsa"
not ssh-add ~/.ssh/id_rsa

For example I see this all the time:

$ ssh-add ~/.ssh/id_rsa
Enter passphrase for /c/Users/User/.ssh/id_rsa: 
Identity added: /c/Users/User/.ssh/id_rsa (/c/Users/User/.ssh/id_rsa)

$ git pull
Enter passphrase for key 'C:\Users\User/.ssh/id_rsa':

Note the inconsistent path separators: the ssh-agent converts ~ using Unix path separators, but git uses Windows path separators instead. Given that the path of the id_rsa file is used as key, this explains why the cache is missed.

Another difference is C:/ instead of /c/
Related remark: When git asks you for the passphrase, it won't be cached, so you can be entering it there indefinitely. Try passing the phrase to ssh-add only.
On Windows, assume that ~ is "multivalued", so it's best to be explicit.
ssh-add looks at default locations like ~/.ssh/id_rsa. On Windows, assume that's ambiguous. Explicitly pass in the explicitly formatted path instead of relying on default paths:
- ssh-add "C:\\Users\\<your user>/.ssh/id_rsa", i.e. in @velval's answer too.

View more solutions

102,944

jcubic

Updated on September 18, 2022

Comments

jcubic over 1 year

I'm using git bash and I setup ssh key using ssh-keygen and each time I do something with a repo git ask me for passphrase for /c/Users/jankiewj/.ssh/id_rsa. Is there a way to disable that passphrase.

EDIT: I've edited original title (removed Windows) since I've just used fresh install of Ubuntu on my work laptop and when ssh key have pass phrase it always ask for it and the solution to fix this is the same. This probably work the same on MacOSX that is also Unix and use same basic tools.
- Admin over 8 years
  
  This page on serverfault might help serverfault.com/questions/194567/…
- jcubic over 8 years
  
  @Radoo it didn't help.
- Mike Lowery almost 4 years
  
  superuser.com/questions/1433917/…
- jcubic almost 4 years
  
  @MikeLowery this looks like PowerShell question and answer. This is about git bash, linux like env for Windows before WSL, but with WSL is the same.
Black over 5 years

I have to enter it again, as soon as I close git bash... is there a permanent solution?
jcubic over 5 years

@Black it's per bash session, I've put this in .bashrc so each time I open git bash I get the prompt and for that session I'm all set.
Black over 5 years

What exactly do you put in .bashrc? And where is .bashrc?
Black over 5 years

Edit: nevermind, You have to create the file yourselv in ~/.bashrc then enter the lines from your post into it and save, thats it :) thx!
jcubic about 5 years

I've put my simple code into .bashrc, how your solution different? On Windows bash each shell is independent so agent is never running when you run the shell.
cbaldan almost 5 years

Leaving a blank password is insecure and many corporate devs won't be able to have a blank passphrase due to restriction. It's a lame workaround, not a solution for OP issue.
Ben Asmussen almost 5 years

Solution works fine by putting the code into the .bashrc. Prompting the ssh passphrase only at the first time. Safed my life. Thank you.
Richard D almost 5 years

This should really be the accepted answer as it presents a solution that is persistent and better meets what I think the OP was asking.
Rockin4Life33 almost 5 years

Instead of using the lines above, especially in the .bashrc, I would use a script, and place it in either the .bash_profile or .profile. Here is a snippet of the main portion of my .bash_profile, it should resolve this for anyone still looking for an answer; it's similar to an answer below. At the top of the script I load up my .bashrc, which if not applicable just leave that out. Note: you will need to change references to id_rsa to whatever you named your private SSH key, and maybe the path.
Nils Guillermin over 4 years

What do I do if I accidentally typed the wrong password on startup? Edit: Based on superuser.com/a/271673/647110, you can ssh-add -D to delete all keys.
Det over 4 years

What's with the eval?
jcubic over 4 years

@Det ssh-agent -s return variables + echo in bash format, like a small script, so you need to execute it, and you need this in current context so $() will not work. Check man ssh-agent for -s option.
Kennet Celeste over 4 years

definitely not a good answer
Jim P over 4 years

lame perhaps, but for local use only, Tasty and expeditious™
Fernando Miguel Carvalho over 4 years

It was the only way to solve it on windows 10. After following all the steps of "Generating a new SSH key and adding it to the ssh-agent" github guide, it was always asking me for the passphrase. Even after added it. That behavior was breaking my maven deployment flow because at mvn release:perform phase it tries to checkout the release tag without providing the passphrase. So only clearing the passphrase solved this issue.
br4nnigan about 4 years

this only works in git bash
jcubic about 4 years

@brannigan I use this only on Windows and it work the same in Windows WSL (linux on windows), on GNU/Linux I don't need this at all, but I have ssh key without passphrase, maybe this is the reason. On all the systems I use bash.
grunk almost 4 years

For those wondering , i had to touch ~/.profile into git bash in order to have the file .profile
user2023861 almost 4 years

This solution still requires you to enter your passphrase when you first open git bash, and you have to have git bash open to run git commands. This is not a good permanent solution
jcubic almost 3 years

NOTE That the question is about GIT Bash on Windows and also the accepted answer, so it's still ssh-add ~/.ssh/id_rsa (even on Windows). GIT Bash is a unix environment. The same will be in WSL (Windows Subsystem for Linux) so your answer is wrong.
jcubic almost 3 years

If think that you didn't installed GIT Bash properly and installed git tools into cmd.exe, so this is not GIT Bash as in question. Please create another question where you can ask about cmd.exe instead of GIT Bash. This will only confuse people.
JBSnorro almost 3 years

@jcubic My answer is about Git Bash on Windows too, just like the question and accepted answer. I'm pretty sure that is clear from my answer, but if not, where can I improve?
Leftium almost 3 years

@user2023861: Slight tweak to method so password prompt only appears as needed: stackoverflow.com/a/59441543/117030
Niing over 2 years

Why do we need the first step? It only outputs Agent pid xxxxx
jcubic over 2 years

@Niing commands can do something that you don't know and print something else. You don't know what that command does. If you want to know for sure, you can read its source code, the program is open source.
Niing over 2 years

@jcubic: it creates an new agent and prints the id of it :) Thanks I should check things like that.
csrowell about 2 years

For others who end up here trying to figure out why their script isn't executing when they add it to either ~/.profile or ~/.bashrc, I found I needed to add it to ~/.bash_profile for it to get picked up and used by Git Bash on Windows.
Admin almost 2 years

Not recommended. Then everybody accessing your machine can use the private/public key pair.
Admin almost 2 years

yea.... if everyone who can access your machine can access your files, you have other issues to handle as well...... But still, what you say is correct.