Enable the SSH server in Windows
You need to add the optional feature ‘OpenSSH Server’ in Windows 10 first by going to
Settings -> search for
Add an optional feature -> search again for
OpenSSH Client and choose to install.
Configure SSH service to automatically start
By default Windows won’t start the
ssh-agent. You can tell Windows to start the service automatically in the future by running the following command in PowerShell (as Administrator).
Get-Service ssh-agent | Set-Service -StartupType Automatic -PassThru | Start-Service
But right now, manually start the service by running
Generate the key
Open PowerShell and follow these commands to generate SSH key on your machine.
Keep the default location for where to save the key. This should be
Generate a complex password and store in safe place, ideally a password manager.
Enter this password when prompted. When complete you’ll be shown the
key fingerprint and the
key's randomart image.
Add key to the SSH Agent
We need to add the key to our ssh-agent so we don’t have to type the key each time we use it.
The agent will recognise that a new key is present and will ask for the passphrase.
Once entered you’ll see the confirmation message
I still needed to manually add the key to the ssh-agent. To do so navigate to the
.ssh folder where we stored our keys earlier
C:\Users\<username>/.ssh/ and run the following with the correct key name.
This will prompt you to enter the passphrase in and once again you should see the
Identity added confirmation.
Access your public key
Now we have our key we can add it to systems such as GitHub or Bitbucket. To do so follow the instructions for that particular service. We’ll need to retrieve the public key from our machine to do so.
Navigate to the
.ssh folder and find the file
<private-key>.pub. Open this in a text editor. The contents of this file is what you need to copy and paste into the relevant service you’re wanted to add the key to.
Testing the keys
In this example lets assume we’ve added our key to Bitbucket. We can test that the key is correctly set up by running the following command.
ssh -T email@example.com
If all is well then we should see the
logged in as message without needing to enter the passphrase
Using with Git
By now we have our key correctly stored in the SSH agent and we’re allowed to connect to the Bitbucket servers using SSH. However we might still be prompted to enter our passphrase whenever we try to perform a
git command that talks to the remote.
ssh -T command uses the Windows 10 agent so all appears to be correct, but it won’t behave the same in Git. This is due to the fact Git is using it’s own ssh agent, not the Windows 10 agent that we’ve added our keys to.
We need to tell Git to use the Windows SSH agent instead of it’s own. We do this by updating the
git config --global core.sshCommand C:/Windows/System32/OpenSSH/ssh.exe
Now when we use Git, we won’t be prompted for our passphrase, even after a restart.