Secure Shell

Ways to make SSH a little easier to use.

Being comfortable with Secure Shell (SSH) makes certain kinds of development work much easier, specifically for remote Git authentication.

Generate an SSH key pair

For instructions, see Generating a new SSH key and adding it to the ssh-agent - GitHub Docs.

If you're performing SSH operations from multiple devices, the most practical way to manage your keys is to create a unique key pair for each device, and add each of those public keys to the services you want to use.

This way you won't have to go through the trouble of copying files across your devices, and if one is compromised, you can just revoke that one key for that one device.

Using an SSH agent

An SSH agent is a background service that can remember your key passphrases for you so you don't have to enter them every time you want to do something over SSH (like git pull operations).


However, getting it to work properly for you can be tricky. Here's a script that works for me and has reduced my frustration with re-entering my passphrase considerably.


# Make sure the directory exists to hold the file
DIR="$HOME/.config" && mkdir -p $DIR

# If ssh-agent isn't running, run it and put its vars in a file.
if ! pgrep -u "$USER" ssh-agent > /dev/null; then
    ssh-agent > "$DIR/$FILENAME"

# If $SSH_AUTH_SOCK is undefined, source the vars file.
if [[ ! "$SSH_AUTH_SOCK" ]]; then
    source "$DIR/$FILENAME" >/dev/null

(Adapted from SSH keys - ArchWiki)

Save this script as a file somewhere (e.g. ~/.ssh-agent) and execute it in your login script (e.g. .bashrc) like so:

# Start SSH agent
if [ -f ~/.ssh-agent ]; then
    . ~/.ssh-agent

Windows 10

Open the Services program, set the "OpenSSH Authentication Agent" service to startup automatically, then start the service.

If you're using Git for Windows, make sure you choose the option labeled "Use external OpenSSH" in the "Choosing the SSH executable" step of the installer.

Reference: OpenSSH in Windows

Now, when you want to save your passphrase, run ssh-add, enter your passphrase when prompted, and you won't have to enter it again until you restart your computer!