ssh-pageant
An SSH authentication agent for Cygwin/MSYS that links OpenSSH to PuTTY's Pageant.
ssh-pageant is a tiny tool for Windows that allows you to use SSH keys from
PuTTY's Pageant in Cygwin and MSYS shell environments.
You can use ssh-pageant to automate SSH connections from those shells, which
is useful for services built on top of SSH, like SFTP file transfers or pushing
to secure git repositories.
ssh-pageant works like ssh-agent, except that it leaves the key storage to
PuTTY's Pageant. It sets up an authentication socket and prints the environment
variables, which allows OpenSSH connections to use it.
Installation
You can install the latest release of ssh-pageant for Cygwin using the
standard setup.exe program. For MSYS2, just run pacman -S ssh-pageant.
Otherwise, you can use the readily-available binary releases:
-
Download the pre-built 32-bit or 64-bit release for Cygwin, or
the 32-bit release for MSYS. -
Just copy the exe into your PATH and ensure it is executable:
$ cp ssh-pageant.exe /usr/bin/ $ chmod 755 /usr/bin/ssh-pageant.exe -
Optionally, copy the manpage as well:
$ cp ssh-pageant.1 /usr/share/man/man1/
The INSTALL file describes how to build and install ssh-pageant from source.
Usage
-
Ensure that PuTTY's Pageant is running (and holds your SSH keys).
- ssh-pageant does not start Pageant itself.
- Recommended: Add Pageant to your Windows startup/Autostart configuration
so it is always available.
-
Edit your
~/.bashrc(or~/.bash_profile) to add the following:# ssh-pageant eval $(/usr/bin/ssh-pageant -r -a "/tmp/.ssh-pageant-$USERNAME")To explain:
-
This leverages the
-r/--reuseoption (available since 1.3) in
combination with-a SOCKET, which will only start a new daemon if the
specified path does not accept connections already. If the socket appears
to be active, it will just setSSH_AUTH_SOCKand exit. -
The exact path used for
-ais arbitrary. The socket will be created
with only user-accessible permissions, as long as the filesystem is not
mountednoacl, but you may still want to use a more private path than
shown above on multi-user systems. -
When using this, the
ssh-pageantdaemon remains to be active (and
visible in your task manager). You should not kill the process, since
open shells might still be using the socket. -
Using
evalwill set the environment variables in the current shell.
By default, ssh-pageant tries to detect the current shell and output
appropriate commands. If detection fails, then use the-S SHELLoption
to define a shell type manually.
-
You could also rename ssh-pageant to ssh-agent and then use something like
keychain to manage a single instance (the approach of Charade), but that is
unnecessary with the --reuse option.
It may be possible to share a Cygwin socket with external tools like
msysgit, if you use a socket path accessible by
both runtimes. Use cygpath --windows {path} to help normalize paths for
system-wide use.
Options
ssh-pageant aims to be compatible with ssh-agent options, with a few extras:
$ ssh-pageant -h
Usage: ssh-pageant [options] [command [arg ...]]
Options:
-h, --help Show this help.
-v, --version Display version information.
-c Generate C-shell commands on stdout.
-s Generate Bourne shell commands on stdout.
-S SHELL Generate shell command for "bourne", "csh", or "fish".
-k Kill the current ssh-pageant.
-d Enable debug mode.
-q Enable quiet mode.
-a SOCKET Create socket on a specific path.
-r, --reuse Allow to reuse an existing -a SOCKET.
-t TIME Limit key lifetime in seconds (not supported by Pageant).
Known issues
- Pageant is running, but the agent reports
SSH_AGENT_FAILURE.- Fixed in release 1.1.
- Ensure you have PuTTY Pageant 0.62 or later.
- Another known workaround is to launch Pageant using
cygstart.
Uninstallation
To uninstall, just remove the copied files:
$ rm /usr/bin/ssh-pageant.exe
$ rm /usr/share/man/man1/ssh-pageant.1
Version History
- 2014-11-23: 1.4 - MSYS support and more robust socket paths.
- 2013-06-23: 1.3 - Allow reusing existing sockets via
-r/--reuse. - 2012-11-24: 1.2 - Mirror the exit status of child processes.
- 2011-06-12: 1.1 - Fixed SID issues.
- 2010-09-20: 1.0 - Initial release.
Contributions
ssh-pageant is considered stable at this point and rarely needs to be updated.
However, in case you encounter any issues, feel free to create one. Pull
requests are even more welcome. :)
Project History
Once upon a time I privately developed a Cygwin terminal based on PuTTY, which
I wanted because I could use Cygwin-native ptys with PuTTY's interface. As part
of that I also added an SSH_AUTH_SOCK shim which talked to Pageant. Then I
discovered MinTTY, which does the terminal part much better.
The author wasn't interested in including the SSH_AUTH_SOCK functionality
though, so instead I split that out into this program, ssh-pageant, and I
finally published the code in April 2009.
Links
- PuTTY: An SSH client for Windows (including the Pageant authentication agent).
- Cygwin: A Linux-like environment for Windows.
- MSYS: Another Linux-like environment, made to supplement MinGW.
- MSYS2: The modern successor to MSYS, staying closer to Cygwin development.
- OpenSSH: The SSH client shipped by Cygwin/MSYS.
- Charade: The friendly competition to ssh-pageant.
- weasel-pageant: ssh-pageant for the Windows Subsystem for Linux.
Copyright (C) 2009-2014 Josh Stone
Licensed under the GNU GPL version 3 or later, http://gnu.org/licenses/gpl.html
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
See the COPYING file for license details.
Part of ssh-pageant is derived from the PuTTY program, whose original license is
in the file COPYING.PuTTY.
