Menu
In SourceTree I'm using OpenSSH as authentication and created + added my SSH keys (on Windows) like this:
ssh-keygen -t rsa -C "[email protected]"
(and entered filename, password etc)
Added the key to the SSH agent:
eval "$(ssh-agent)"
ssh-add id_rsa
Added the SSH key to GitLab using
cat id_rsa.pub to print my public key
Added the public key to SourceTree by "Tools > Add SSH key" followed by the password ("Tools > options > SSH client configuration" I've selected OpenSSH).
After these steps I'm able to push and pull code. However, each time I restart SourceTree a terminal pops-up and I have to re-enter my password again*. How can I make SourceTree / the SSH agent remember this password?
ps. my keys are saved in a directory like /d/MyName/Gitlab/ instead of ~/.ssh/ but that shouldn't be a problem, right?
EDIT:
*The message shown in the terminal:
SourceTree is loading your SSH key into the agent for authentication Please enter your passphrase if prompted to do so Enter passphrase for D:\MyName\GitLab\.ssh\id_rsa:
EDIT2:
This solution didn't solve my problem either:
756
Remove all keychain items added by Sourcetree. Restart Mac. Add the accounts back in Sourcetree. Make sure to enter password and click "Always Allow" when keychain prompt is displayed for the new keychain items.
Use ssh-add to add the keys to the list maintained by ssh-agent. After you add a private key password to ssh-agent, you do not need to enter it each time you connect to a remote host with your public key.
SSH uses private/public key pairs to protect your communication with the server. SSH passphrases protect your private key from being used by someone who doesn't know the passphrase. Without a passphrase, anyone who gains access to your computer has the potential to copy your private key.
From Sourcetree, open the PuTTY Key Generator dialog by going to Tools > Create or Import SSH Keys. Click Load, navigate to your SSH folder, and click the private key. Make sure you're looking at All files if you don't see your private key. Enter your passphrase for the SSH key and click OK.
You can use the Windows OpenSSH ssh-agent to manage your keys. The problem is that Sourcetree on windows wants to start its own instance of the ssh-agent instead of using the already running service. Even if you can get that to work it will still prompt for your key passphrase on startup because Sourcetree's ssh-agent process doesn't save your keys to the the Windows keychain.
There are heaps of instructions on how to use Pageant as your ssh agent, but that is not why you're here. You're here because you want to use the OpenSSH agent, with OpenSSH formatted keys, with passphrases but without being prompted for said passphrase all over the place.
The trick is to proxy all requests to Pageant through to your OpenSSH agent.
Install OpenSSH. Start the ssh-agent service and set to automatic. Add your private keys to the agent with
ssh-add <key_file>
Add your public keys to the hosts you want to authenticate with.
Test that you can authenticate via ssh:
ssh -T [email protected]
Your private keys will now be loaded when you log in to your Windows account and you won't have to provide passphrases ever again.
To allow programs and libraries such as Sourcetree, WinSCP and Fabric that normally use Pageant to instead have keys provided by the ssh-agent there is an awesome program https://github.com/ndbeals/winssh-pageant
Follow instructions to install winssh-pageant, schedule it as a task to start on windows startup.
Now all calls to Pageant's NamedPipe will be proxied to the OpenSSH agent.
The last step to get SourceTree working with OpenSSH is a bit counter-intuitive. Go to Tools | Options | General and set the SSH Client to PuTTY/Plink and uncheck the "Automatically start SSH agent when Sourcetree opens".
151
You manually start your agent and set environment variables in order for commands to find it.
Whenever you start your a command (like SourceTree) without those environment variables set, that command is not able to access the agent and therefore asks for your password.
Making your agent start on system startup should solve things.
If ssh cannot reach the agent it will also look into ~/.ssh/ therefor if you place you keys there it should work, too. (Have a look at man ssh.)
41
I solved this issue following these steps:
Note that your id_rsa.ppk must be inside C:\Users\{my-user}\.ssh directory
If for some reason your id_rsa.ppk is protected by a passphrase and you are sure you won't have security issues. Just remove the passphrase.
To remove the id_rsa.ppk's passphrase, follow these steps
Hope that helped!
1
After did below test, the password never asked for me.
To test whether your SSH key was added correctly, run the following command in your terminal (replacing gitlab.com with your GitLab's instance domain): ssh -T [email protected]
The first time you connect to GitLab via SSH, you should verify the authenticity of the GitLab host that you're connecting to. For example, when connecting to GitLab.com, answer yes to add GitLab.com to the list of trusted hosts: The authenticity of host 'gitlab.com (35.231.145.151)' can't be established. ECDSA key fingerprint is SHA256:HbW3g8zUjNSksFbqTiUWPWg2Bq1x8xdGUrliXFzSnUw. Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'gitlab.com' (ECDSA) to the list of known hosts. NOTE: Note: For GitLab.com, consult the SSH host keys fingerprints, section to make sure you're connecting to the correct server. For example, you can see the ECDSA key fingerprint shown above in the linked section. Once added to the list of known hosts, you should validate the authenticity of GitLab's host again. Run the above command once more, and you should only receive a Welcome to GitLab, @username! message. If the welcome message doesn't appear, you can troubleshoot the problem by running ssh in verbose mode with the following command: ssh -Tvvv [email protected]
1
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
