Getting SSH/Git Clients on Friggin’ Windows Working

 

Secure Shell (SSH) is a network protocol used ubiquitously, e.g., github.com, bitbucket.com, etc. If you use Git or Hg, it’s nice to set up SSH because you can avoid having to re-enter your user id and password every time you clone the repository. (Or, if you are really desperate, encode the user id and password in the URI for the repository.) While there may be a lot of information (e.g., here and here) on how to set this up, it’s almost always Linux-centric, using ssh, ssh-add, ssh-keygen commands. Cygwin has an implementation which looks just like the Linux toolset, but Putty is the SSH system most use on Windows. Unfortunately, Git checks the environmental variables, and special cases the connection (see the kludges in git_connect in connect.c). So, if you try Git from Cygwin, it may not use the same SSH system in some other environment, like SourceTree. (If you look for “git.exe” in your PC, it’s sprinkled throughout.) If you didn’t know that and use Windows, God help you because you can spend days trying to figure out why things don’t work while sifting through the mountains of useless information! This protocol outlines the steps involved to set up SSH for both Cygwin and Putty.

Prerequisites:

  • Cygwin installed
  • Account on Github.com
  • Git installed (https://git-scm.com/downloads)
  • Git GUI (https://git-scm.com/downloads/guis). I recommend SourceTree (https://www.sourcetreeapp.com/).

Method:

    1. Open a Cygwin Terminal, and execute the following commands in order presented…
    2. which ssh
      1. Note: Verify that you have SSH installed for Cygwin. If not, go to http://cygwin.com, download the installer, run it and install SSH.
    3. I HIGHLY recommend you use Pageant. Place in your ~/.bashrc file eval $(/usr/local/bin/ssh-pageant -ra $TEMP/.ssh-pageant)., See https://github.com/cuviper/ssh-pageant.
      1. If you don’t plan on using Pageant, eval `ssh-agent -s`; ssh-add -L
      2. Note: look at the output to see if there are any keys added. There may or may not, it doesn’t matter because you’re going to generate and add a new key here.
    4. cd ~/.ssh
      1. Note: If you don’t have the directory, execute cd, then mkdir .ssh to create one, then cd .ssh.
    5.  ssh-keygen -t rsa
    6. On the prompts, you can just return for each thing prompted for.
    7. ls
      1. Note: Verify you have id_rsa, id_rsa.pub (or the file name you entered above) generated.
    8. cat id_rsa.pub # (or the file you entered above)
      1. Verify the key is not empty.
    9. ssh-add
      1. Note: You should see output from ssh-add indicating it added the keys in the ~/.ssh directory. If not, it may have been already added.
    10. ssh-add -L
      1. Note: Verify you have the key you just created added.
    11. In an editor like Notepad, open the .PUB file and copy the text into the clipboard.
    12. In a browser, log into github.com (or create an account).
    13. In Github.com, to the the upper-right corner, and click on the icon for the user, and then settings in the pulldown.
      1. Add a key. See https://help.github.com/articles/adding-a-new-ssh-key-to-your-github-account/ for more info.
    14. Back in the Cygwin Terminal started in step 1 …
    15. ssh -v git@github.com
      • When it prompts for “do you want to continue?”, enter yes.
      • The output should look like this:

 

$ ssh -v git@github.com
OpenSSH_7.1p1, OpenSSL 1.0.2d 9 Jul 2015
debug1: Connecting to github.com [192.30.252.129] port 22.
debug1: Connection established.
debug1: identity file /home/Ken/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /home/Ken/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/Ken/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/Ken/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/Ken/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/Ken/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/Ken/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/Ken/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.1
debug1: Remote protocol version 2.0, remote software version libssh-0.7.0
debug1: no match: libssh-0.7.0
debug1: Authenticating to github.com:22 as 'git'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client chacha20-poly1305@openssh.com <implicit> none
debug1: kex: client->server chacha20-poly1305@openssh.com <implicit> none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ssh-rsa SHA256:nThbg6kXUpJWGl7E1IGOCspRomTxdCARLviKw6E5SY8
The authenticity of host 'github.com (192.30.252.129)' can't be established.
RSA key fingerprint is SHA256:nThbg6kXUpJWGl7E1IGOCspRomTxdCARLviKw6E5SY8.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'github.com,192.30.252.129' (RSA) to the list of known hosts.
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/Ken/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug1: Authentication succeeded (publickey).
Authenticated to github.com ([192.30.252.129]:22).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
PTY allocation request failed on channel 0
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
Hi kaby76! You've successfully authenticated, but GitHub does not provide shell access.
debug1: channel 0: free: client-session, nchannels 1
Connection to github.com closed.
Transferred: sent 3388, received 1796 bytes, in 0.1 seconds
Bytes per second: sent 42231.9, received 22387.4
debug1: Exit status 1
      1. git clone git@github.com:heroku/ruby-rails-sample.git
        1. Note: This verifies that command-line Git works. If it doesn’t then you should probably use ssh-pageant because git is not using the right agent.
      2. Note: If you use SourceTree (or other Git clients), verify they work too. This is because they use a damn separate authentication tool: pageant.exe. You can tell if you see in the lower-right corner the Pageant server icon.
      3. Find the Pageant server, and open it
      4. 2016-02-18 (4)
      5. In SourceTree, go to menu item “Tools | Create or Import SSH Keys”.
      6. In the dialog box, click on “Load” button, and find the file id_rsa (or the file name you entered above). You will have to type it in explicitly, or remove the stupid filter for the open file dialog box. Save the key, both public and private (generates a PPK file that’s compatible with Pageant).
      7. In Pageant, “Add Key”, using the .PPK generated above by SourceTree utility.
      8. Execute plink.exe in the Atlassian/SourceTree installation directory from Cygwin Terminal or Cmd.
      9. plink git@github.com
      10. In SourceTree, In SourceTree, clone the above Ruby sample. If it hangs, use plink.exe from the Cygwin Terminal.
$ plink git@github.com
Hi kaby76! You've successfully authenticated, but GitHub does not provide shell access.
Using username "git".
Server refused to allocate pty

Additional Information