Keep It Simple Stupid

Git SSH Keys on Windows

| comments

Some time ago, the team I’m working at finally moved from subversion to git as our primary version control system. To tell the truth, I was not the last one to promote the idea (as I’ve been using git for about three years now, and it’s clearly superior that svn). A standard step in setting up git clients is creating an ssh public/private key pair. It’s as easy as pie to do on Linux and OS X with openssh, but we also had some workstations on windows (gross!).

The initial instruction (not mine) for generating the keys on windows suggested using puttygen tool coming with TortoiseGit GUI. Everybody successfully generated the keys with it in advance, and the access was OK from the GUI. Then the Day came, when we dropped the svn and started to use git instead. I convinced everyone to try the command-line git interface, which is more convenient, especially when using a more or less nice terminal (how to setup article).

The setup of SSH keys in msysgit is pretty much the same as on other UNIXes. So I created ~/.ssh directory, where I put the private and public keys as id_rsa and files. However, neither git nor ssh-keygen -y worked. They both would print “load failed” after entering the password, even though the password was 100% correct:

$ ssh-keygen -y -f ~/.ssh/id_rsa
Enter passphrase:
load failed

I was almost desperate not knowing what was causing the problem when it hit me that putty and openssh might be using different key formats. They do in fact. To convert the putty private key to the regular openssh format use the following howto: Sure, after that ssh worked great.

A small tip: if your private key is protected with a passphrase, you’ll get fed up with entering it each time of communicating with the server. To get around that, an ssh agent is used. Add the following line at the end of /etc/profile file, so your git-bash will only ask it once when you open a terminal:

eval $(ssh-agent) && ssh-add