Automatically starting SSH Agent for Windows 10 bash

Chai Jia Xun
a read

I’ve always been a Windows guy. My first computer ran on Windows 98 and I’ve never even considered touching a Mac. Everything changed when the fire nation attacked during my stint in UpGuard. I was given a Macbook to code on and I fell in love with the bash shell. Now I would still love to all that bash goodness without having to use a Mac, and I even considered transiting to Ubuntu. So imagine my joy when Microsoft announced the Ubuntu subsystem on Windows 10.

Now that the anniversary update is out and it is more stable, I find myself using the system more often. Don’t get me wrong, the feature is still in beta and I wouldn’t expect this to be a full replacement for a native unix environment… yet. I primarily use git with ssh key authentication, which requires the SSH agent to be running. Irritatingly the agent is not persistent and each time I close the bash window, or open a new one, I would need to restart it.

Note: This might not work on ubuntu. I've tested it and it still works on Windows Subsystem on Linux (Aug 2020)

At the start, I just went through the manual process of typing the following.

$ eval "$(ssh-agent -s)"
$ ssh-add ~/.ssh/id_rsa
$ <type password here>

This started to get on my nerves so I figured I’d just spend 5 minutes putting this into a script. As it turned out, the script was not as easy as pasting this into a .sh file. So I don’t forget, and for the benefit of anyone else, I have decided to document the process I went through.

Step 1: Start the agent in your bashrc

This is the easiest step, you just need to put the code below at the bottom of your ~/.bashrc file. I personally use zsh, so mine was in the ~/.zshrc file.

eval "$(ssh-agent -s)"

The next steps were not as straightforward as I would have liked. My ssh private keys are password protected and I wanted to create a script that could automatically add and enter those passwords for me.

Step 2: Install expect

Expect is a tool for automating interactive applications. We require this for the script to automatically key in the password.

$ sudo apt-get install expect

Step 3: Create script

Create a script file in your favourite text editor.

$ vi ~/add-keys.sh

And paste the following code in.

#!/usr/bin/expect
spawn ssh-add $::env(HOME)/.ssh/id_rsa
expect "id_rsa:"
send "[PASSWORD]\r"
spawn clear
interact

Explanation:

#!/usr/bin/expect tells the script to use the expect tool to run this file

spawn just executes the code that comes after.
Note: when referencing the $HOME variable, you need to use
$::env(HOME) instead. Reference.
Note the last few characters.
The expect command tells expect to expect (^^/) the text "id-rsa:" before running the next line. You just have to replace the id_rsa with the name of your key.

The next line is your password in plaintext followed by a carriage return.

spawn clear will clear your console so you get a nice pristine console.

Finally, interact will give control back to you and end the programAnd we’re done with the script.

Step 4: Calling the script on startup.

Going back to your .bashrc (or .zshrc) file, add the line

./add_keys.sh

just below the code you inserted in Step 1.

Don’t forget you need to give execute permissions to the script.

$ chmod 0700 ~/add-keys.sh

Result

Upon starting the bash window, you should see the text below flash for a while before giving you a clean prompt

And just to check if your key is in, you can use the ssh-add -l command, which will list all the keys currently added to your ssh-agent.

Considerations

First of all, putting down your password in a text file is never a good idea and defeats the point of the password in the first place. I did this because I did not want to create another ssh key and I hope that no one infiltrates my computer.

Ensure that the file permissions are set such that no one else but you can access the file.

A good alternative would simply be to create a key pair that does not have a password on it, then you should be able to simply add it to your .bashrc without typing the expect script.

Feedback

If you have a better way of doing this or any general feedback, I’m happy to hear it.

The form has been removed due to getting nothing but spam. Please drop me an email instead at chaijiaxun at gmail.

Check the next post: Goodbye WordPress, Hello Ghost »

Share on:
Chai Jia Xun
Chai Jia Xun

Jia Xun speaks of himself in the third person when writing his bio. He thinks he's being cute but we all know that's just cliche. Being meta is so passe. Why do people still do it?