Why git can't remember my passphrase under Windows

Question

I realize that this question is coming up on two years old, but I had the same issue and several answers here did not completely answer the question for me. Here are three step-by-step solutions, depending on whether you use TortoiseGit in addition to msysgit or not.

First solution Assumes Windows, msysgit, and PuTTY.

1. Install msysgit and PuTTY as instructed.

2. (Optional) Add PuTTY to your path. (If you do not do this, then any references to PuTTY commands below must be prefixed with the full path to the appropriate executable.)

3. If you have not done so already, then generate a key hash as instructed at GitHub or as instructed by your Git host.

4. Again, if you have not already done so, convert your key for use with PuTTY's pageant.exe using puttygen.exe. Instructions are in PuTTY's documentation, in this helpful guide, and several other places in cyberspace.

5. Run PuTTY's pageant.exe, open your .ppk file ("Add Key"), and provide your passphrase for your key.

6. Access Windows' environment variables dialog (Right-click on "Computer", Click on "Properties", Click on "Advanced system settings" or the "Advanced" tab, click on "Environment Variables"). Add the following environment variable:

   GIT_SSH=C:\full\path\to\plink.exe

   Replace "C:\full\path\to" with the full installation path to PuTTY, where plink.exe is found. It is probably best to add it to the "User variables" section. Also, make sure that the path you use to plink.exe matches the path you use for Pageant (pageant.exe). In some cases, you may have several installations of PuTTY because it might be installed along with other applications. Using plink.exe from one installation and pageant.exe from another will likely cause you trouble.

7. Open a command prompt.

8. If you are trying to connect to a git repository hosted at Github.com then run the following command:

   plink.exe [email protected]

   If the git repository you are trying to connect to is hosted somewhere else, then replace [email protected] with an appropriate user name and URL. (Assuming Github) You should be informed that the server's host key is not cached, and asked if you trust it. Answer with a y. This will add the server's host key to PuTTY's list of known hosts. Without this step, git commands will not work properly. After hitting enter, Github informs you that Github does not provide shell access. That's fine...we don't need it. (If you are connecting to some other host, and it gives you shell access, it is probably best to terminate the link without doing anything else.)

9. All done! Git commands should now work from the command line. You may want to have pageant.exe load your .ppk file automatically at boot time, depending on how often you'll be needing it.

Second solution Assumes Windows, msysgit, and TortoiseGit.

TortoiseGit comes with PuTTY executables and a specially modified version of plink (called TortoisePlink.exe) that will make things easier.

1. Install msysgit and TortoiseGit as instructed.

2. If you have not done so already, then generate a key hash as instructed at GitHub or as instructed by your Git host.

3. Again, if you have not already done so, convert your key for use with TortoiseGit's pageant.exe using TortoiseGit's puttygen.exe. Instructions are in PuTTY's documentation, in the helpful guide linked to in the first solution, and in several other places in cyberspace.

4. Run TortoiseGit's pageant.exe, open your .ppk file ("Add Key") and provide your passphrase for your key.

5. Access Windows' environment variables dialog (Right-click on "Computer", Click on "Properties", Click on "Advanced system settings" or the "Advanced" tab, click on "Environment Variables"). Add the following environment variable:

   GIT_SSH=C:\full\path\to\TortoisePlink.exe

   Replace "C:\full\path\to" with the full installation path to TortoiseGit, where TortoisePlink.exe is found. It is probably best to add it to the "User variables" section. Also, make sure that the path you use to TortoisePlink.exe matches the path you use for Pageant (pageant.exe). In some cases, you may have several installations of PuTTY because it might be installed along with other applications. Using TortoisePlink.exe from the TortoiseGit installation and pageant.exe from another installation of a different application (or from a standalone PuTTY installation) will likely cause you trouble.

6. All done! Git commands should now work from the command line. The first time you try to connect to your git repository you will probably be informed that the server's host key is not cached, and asks if you trust the server. Click on "Yes". (This is TortoisePlink.exe in action.)

   You may want to have pageant.exe load your .ppk file automatically at boot time, depending on how often you'll be needing it.

Third solution Assumes Windows, msysgit, and the native command prompt.

1. Install msysgit
2. Make sure to allow git to be used on the MS-DOS command prompt
3. Run start-ssh-agent
4. Enter SSH passphrases
5. All done! Git commands should now work in the native command prompt.

Every time I set up a new desktop I forget these instructions, so I'm adding another answer here since I stumble across it equally often!

---

Quick Steps for Impatient Users Like Me

1. Enable the OpenSSH Authentication Agent service and make it start automatically.
   • 👉 Update 👈
   • With the latest Windows update Version 10.0.19042.867 I had to re-do this step!
2. Add your SSH key to the agent with ssh-add on the command line.
3. Test git integration, if it still asks for your passphrase, continue on.
4. Add the environment variable $ENV:GIT_SSH=C:\Windows\System32\OpenSSH\ssh.exe to your session, or permanently to your user environment.

---

Detailed Steps: Overview

Windows has been shipping with OpenSSH for some time now. It includes all the necessary bits for ssh to work alongside Git, but it still seems to need some TLC before it works 100% seamlessly. Here's the steps I've been following with success as of Windows ver 10.0.18362.449 (you can see your Windows 10 version by opening a cmd.exe shell and typing ver).

I assume here that you already have your SSH key setup, and is located at ~/.ssh/id_rsa

Enable the ssh-agent service on your Windows 10 box.

1. Start-> Type 'Services' and click on the Services App that appears.
2. Find the OpenSSH Authentication Agent service in the list.
3. Right-click on the OpenSSH Authentication Agent service, and choose 'Properties'.
4. Change the Startup type: to Automatic.
5. Click the Start button to change the service status to Running.
6. Dismiss the dialog by clicking OK, and close the Services app.

Add your key to the ssh-agent

1. Open your shell of preference (I'll use Windows Powershell in this example, applies to Powershell Core too).
2. Add your SSH key to the ssh-agent: ssh-add (you can add the path to your key as the first argument if it differs from the default).
3. Enter your passphrase if/when prompted to do so.

Try Git + SSH

1. Open your shell (again, I'm using Powershell) and clone a repo. git clone [email protected]:octocat/Spoon-Knife
2. If you see this prompt, continue on to the next section:

Enter passphrase for key '/c/Users/your_user_name/.ssh/id_rsa':

Set your GIT_SSH Environment Variable

In any session you can simply set this environment variable and the prompt for your passphrase will stop coming up and ssh will use the ssh-agent on your behalf. Alternatively, you can set your passphrase into your user's environment permanently.

To set GIT_SSH in the current shell only:

1. Open your shell of preference. (Powershell for me)
2. Set the environment variable GIT_SSH to the appropriate ssh.exe: $Env:GIT_SSH=$((Get-Command -Name ssh).Source)
3. Retry the steps in Try Git + SSH above.

To set GIT_SSH permanently

1. Open File Explorer. Start-> type 'File Explorer' and click on it in the list.
2. Right-click 'This PC' and click on 'Properties'.
3. Click on 'Advanced system settings'.
4. Click the 'Environment Variables...' button.
5. Under 'User variables for your_user_name' click New...
6. Set Variable name: field to GIT_SSH
7. Set the Variable value: field to path-to-ssh.exe (typically C:\Windows\System32\OpenSSH\ssh.exe).
8. Click OK to dismiss the New User Variable dialog.
9. Click OK to dismiss the Environment Variables dialog.
10. Retry the steps in Try Git + SSH above.

---

Note that this is likely going to change with new steps/procedures as Windows 10 progresses and as I learn more. I will attempt to keep this updated, I look forward to feedback in the comments.

In case you are using Git bash under Windows you can perform the following:

eval `ssh-agent -s`
ssh-add ~/.ssh/*_rsa

it will ask for pass phrase in the second command, and that's it. Each additional action you will need to do (which once required pass phrase) won't ask you for the pass phrase (see an example in the screen shot below):

For anybody needing more detailed instructions, see this page: http://help.github.com/working-with-key-passphrases/

One extra solution 5 years, 8 months and 6 days after the question was posted wouldn't be a bad idea so here goes.

NOTE: Assumes you are using a windows computer.

1. Download the git-credential-winstore.
2. Run it! If you have GIT in your PATH environment variable, it should just work. If you don't, run git-credential-winstore -i C:\Path\To\Git.exe.

The next time you attempt to commit to a repository, you'll be prompted to enter your credentials. That should be it. You will not be asked for your credentials any longer until you change your password.

---

Just for your knowledge... Your credentials are stored in the Windows Credential Store

Where are you storing my credentials?

This app just uses the existing Windows Credential Store to hold your credentials. You can see the stored credentials by going to Control Panel > User Accounts > Credential Manager and choosing "Windows Credentials". The entries starting "git:" are from git-credential-winstore.