Windows 10 SSH client: password-less access
Solution 1
As an addition to the answer by Thomas S., I found a way Windows can remember the passphrase, even after reboot. This uses PowerShell.
Run this in an elevated PowerShell Session (= run as admin):
Get-Service ssh-agent | Set-Service -StartupType Automatic -PassThru | Start-Service
(Or you can do that with the GUI if you know how. It basically makes the ssh-agent start automatically.)
Optional for Git
In order to make Git recognize all these settings, you need to tell Git to use the internal OpenSSH instead of its own. (Yes, in case of Git there are two OpenSSH instances now)
git config --global core.sshCommand C:/Windows/System32/OpenSSH/ssh.exe
(Use forward-slashes / or double backslashes \\ in this path)
By doing that also Git (including all Git clients) has access to the stored passphrase.
Source: https://github.com/dahlbyk/posh-git/issues/640#issuecomment-435515055
Solution 2
- be sure the optional Windows feature "OpenSSH Client" is installed
- ensure the service "OpenSSH Authentication Agent" has at least the "manual" startup type (by default: disabled)
- start the service, e.g. by invoking
ssh-agent(if you get the output "unable to start ssh-agent service, error :1058", the service most likely is in "disabled" state) - tell it about the private key file:
ssh-add <path-to-private-key-file> - now
ssh user@serverworks without asking for the passphrase
Unfortunately, I have not found a way to let it remember the private key and passphrase after reboot.
Solution 3
Generate your key without a passphrase
...> ssh-keygen
then make sure the public key is placed within the authorized_keys file under the .ssh directory of the target machine. I did this by hand. I don't remember the details I used one of the many online examples of how to do this
then when you run
...> ssh -i <private_key_file> squidward@bikinibottom
you will not be prompted for a passphrase
Related videos on Youtube
07 : 59
05 : 48
04 : 06
13 : 51
02 : 11
Thomas S.
Updated on September 18, 2022Comments
-
Thomas S. over 1 year
I'd like to purely use the SSH client built-in to Windows 10 - no plink, no putty.
I easily can login to my server using
$ ssh user@serverbut it always asks me for my password. When using a private key
$ ssh user@server -i %USERPROFILE%\.ssh\id_rsait also asks me for the passphrase. Is the Windows SSH client capable of storing the credentials somewhere like macOS in the keychain?
-
cja over 3 yearsThis information has helped me a lot. Thank you.
-
Mike 'Pomax' Kamermans about 3 yearsAnd forcmd? Because even if you have the OpenSSH service running, that only works in powershell. It does not work incmd, which still asks for a password when runningstart-ssh-agent. -
Andreas Linnert about 3 years@Mike'Pomax'Kamermans What is a possible reason that you cannot use PowerShell? It comes pre-installed on Windows. You only need it for one command.
-
Mike 'Pomax' Kamermans about 3 yearsno, I need it for running lots of commands from files that include run instructions with
&&for command chaining, something thatcmdsupports, but that powershell doesn't. -
ToJo over 2 yearsIf you are wondering how to change the startup type of the OpenSSH Authentication Agent, this answer to Starting ssh-agent on Windows 10 fails: "unable to start ssh-agent service, error :1058" should help.
-
ps2goat about 2 years@Mike'Pomax'Kamermans from an elevated command prompt:
sc config ssh-agent start=auto && net start ssh-agent -
ps2goat about 2 yearsI had everything working with no passphrase and a config file (multiple gitlab accounts on one machine), but that last bit about switching the git ssh client fixed it for me so that I could actually use a passphrase. (delete a comment to fix a typo 😂)
