wsl-ssh-pageant's Introduction

wsl-ssh-pageant

Why

I use a Yubikey to store a GPG key pair and I like to use this key pair as my SSH key too. GPG on Windows exposes a Pageant style SSH agent and I wanted a way to use this key within WSL. I have rewritten this in Go as it means the release is a single simple binary, and I like Go.

How to use with WSL

  1. On the Windows side start Pageant (or compatible agent such as gpg4win).

  2. Run wsl-ssh-pageant.exe --wsl C:\wsl-ssh-pageant\ssh-agent.sock (or any other path, max ~100 characters)

  3. In WSL, export the SSH_AUTH_SOCK environment variable to point at the socket. For example, if you have ssh-agent.sock in C:\wsl-ssh-pageant:

$ export SSH_AUTH_SOCK=/mnt/c/wsl-ssh-pageant/ssh-agent.sock

  4. The SSH keys from Pageant should now be usable by ssh
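
To confirm the last step from inside WSL without relying on ssh-add, the following added example (not part of wsl-ssh-pageant) speaks the SSH agent protocol directly to the socket named in SSH_AUTH_SOCK and lists the keys the relay returns from Pageant. The Identity type, the function names and the 256 KiB reply bound are choices made for this example.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
	"io"
	"net"
	"os"
)

// Message numbers from the SSH agent protocol; maxReply is this example's own bound.
const (
	agentFailure            = 5
	agentcRequestIdentities = 11
	agentIdentitiesAnswer   = 12
	maxReply                = 256 * 1024
)

// Identity is one public key the agent offers (type name is hypothetical).
type Identity struct{ KeyType, Comment string }

// readString splits one uint32-length-prefixed string off the front of buf.
func readString(buf []byte) (s, rest []byte, err error) {
	if len(buf) < 4 {
		return nil, nil, errors.New("truncated length field")
	}
	n := binary.BigEndian.Uint32(buf)
	if uint64(n) > uint64(len(buf)-4) {
		return nil, nil, errors.New("string runs past end of message")
	}
	return buf[4 : 4+n], buf[4+n:], nil
}

// ListIdentities sends SSH_AGENTC_REQUEST_IDENTITIES and parses the answer.
func ListIdentities(conn io.ReadWriter) ([]Identity, error) {
	// Every agent message is a uint32 length, one type byte, then the payload.
	if _, err := conn.Write([]byte{0, 0, 0, 1, agentcRequestIdentities}); err != nil {
		return nil, fmt.Errorf("write request: %w", err)
	}
	var hdr [4]byte
	if _, err := io.ReadFull(conn, hdr[:]); err != nil {
		// A peer that closes without answering surfaces here as EOF.
		return nil, fmt.Errorf("read reply length: %w", err)
	}
	n := binary.BigEndian.Uint32(hdr[:])
	if n == 0 || n > maxReply {
		return nil, fmt.Errorf("implausible reply length %d", n)
	}
	body := make([]byte, n)
	if _, err := io.ReadFull(conn, body); err != nil {
		return nil, fmt.Errorf("read reply body: %w", err)
	}
	switch {
	case body[0] == agentFailure:
		return nil, errors.New("agent answered SSH_AGENT_FAILURE")
	case body[0] != agentIdentitiesAnswer || len(body) < 5:
		return nil, fmt.Errorf("unexpected or truncated reply, type %d", body[0])
	}
	count := binary.BigEndian.Uint32(body[1:5])
	rest := body[5:]
	var ids []Identity
	for i := uint32(0); i < count; i++ {
		blob, afterBlob, err := readString(rest)
		if err != nil {
			return nil, fmt.Errorf("key %d blob: %w", i, err)
		}
		comment, afterComment, err := readString(afterBlob)
		if err != nil {
			return nil, fmt.Errorf("key %d comment: %w", i, err)
		}
		keyType, _, err := readString(blob) // a key blob starts with its algorithm name
		if err != nil {
			return nil, fmt.Errorf("key %d type: %w", i, err)
		}
		ids = append(ids, Identity{KeyType: string(keyType), Comment: string(comment)})
		rest = afterComment
	}
	return ids, nil
}

func main() {
	conn, err := net.Dial("unix", os.Getenv("SSH_AUTH_SOCK"))
	if err != nil {
		fmt.Fprintln(os.Stderr, "cannot reach relay socket:", err)
		os.Exit(1)
	}
	ids, err := ListIdentities(conn)
	conn.Close()
	if err != nil {
		fmt.Fprintln(os.Stderr, "socket reachable, agent query failed:", err)
		os.Exit(1)
	}
	for _, id := range ids {
		fmt.Println(id.KeyType, id.Comment)
	}
}
```

The two error messages separate a socket that cannot be reached at all from a relay that accepts the connection but gets no usable answer from the agent behind it.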

How to use with Windows 10 native OpenSSH client

  1. On the Windows side start Pageant (or compatible agent such as gpg4win).

  2. Run wsl-ssh-pageant.exe --winssh ssh-pageant (or any other name)

  3. In cmd, export the SSH_AUTH_SOCK environment variable or define it in your Environment Variables on Windows. Use the name you gave the pipe, for example:

$ set SSH_AUTH_SOCK=\\.\pipe\ssh-pageant

  4. The SSH keys from Pageant should now be usable by the native Windows SSH client; try using ssh in cmd.exe.

Systray Integration

To add an icon to the systray run wsl-ssh-pageant.exe --systray --winssh ssh-pageant (or using --wsl).

Note

You can use both --winssh and --wsl parameters at the same time with the same process to proxy for both

Frequently asked questions

How do I download it?

Grab the latest release on the releases page.

How do I build this?

For WSL support you will need Go 1.12 or later. Go 1.12 added support for AF_UNIX sockets on Windows.

To create the assets.go run:

go generate

To create a build without a console window:

go build -ldflags -H=windowsgui

What version of Windows do I need?

You need Windows 10 1803 or later for WSL support as it is the first version supporting AF_UNIX sockets. You can still use this with the native Windows SSH client on earlier builds.

The -gui.exe binary doesn't have a GUI? (immediately closes)

The difference between the gui.exe binary and the regular binaries is the subsystem as set in the PE header. The gui.exe binary is set with the Win32 subsystem so that it doesn't spawn a command line, allowing it to be launched on startup. The regular binary has the console subsystem, so it does launch a command line if double-clicked, and will block the command line as expected.

Note: You may launch either binary with the -systray flag to have a systray icon whilst the tool is running. This only provides a way to quit the application.

You didn't answer my question!

Please open an issue, I do try and keep on top of them, promise.

Credit

  • Thanks to John Starks for npiperelay for an example of a more secure way to create a stream between WSL and Linux before AF_UNIX sockets were available.
  • Thanks to Mark Dietzer for several contributions to the old .NET implementation.

wsl-ssh-pageant's Issues

WSL SSH doesn't check win-pageant for key

I have a private key loaded in win-pageant at startup that I want to use within WSL. wsl-ssh-pageant worked for me until a few weeks ago. Note that I cannot rule out that I changed something on my end.

I am running wsl-ssh-pageant as follows.

C:\portables\wsl-ssh-pageant-amd64-gui.exe -systray -verbose -wsl C:\Users\jeffl\Documents\ssh-agent.sock

pageant runs at startup and successfully loads my key after I type the passphrase.

Within WSL bash, I am exporting the variable.

export SSH_AUTH_SOCK=/mnt/c/Users/jeffl/Documents/ssh-agent.sock

I expect to see the key loaded when I type 'ssh-add -L' in WSL.

jeffl@DELLT20:~$ ssh-add -L
Error connecting to agent: Connection refused
jeffl@DELLT20:~$

Are my assumptions incorrect? What is going wrong here?

Can't get authentication to work with WSL or Windows 10 SSH - What am I missing?

Hello,

I've been trying to login to a server using keys loaded in pageant, but have had no luck with either WSL or Windows SSH. The steps I have done so far:

  1. Ensure pageant is running with various keys

  2. Run wsl-ssh-pageant with the following command wsl-ssh-pageant-amd64-gui.exe -force -systray -wsl C:\Users\avggeek\.wsl-ssh\ssh-agent.sock -winssh ssh-pageant

  3. Set SSH_AUTH_SOCK in cmd.exe using the following command set SSH_AUTH_SOCK=\\.\pipe\ssh-pageant

  4. Try to login to a server which has keys loaded in pageant using the following command ssh -vvvv -T [email protected] -p 122

  5. SSH login does not find the loaded keys, and instead prompts me to enter a password:

OpenSSH_for_Windows_7.7p1, LibreSSL 2.6.5
debug3: Failed to open file:C:/Users/avggeek/.ssh/config error:2
debug3: Failed to open file:C:/ProgramData/ssh/ssh_config error:2
debug2: resolve_canonicalize: hostname XX.XX.XXX.XXX is address
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to XX.XX.XXX.XXX [XX.XX.XXX.XXX] port 122.
debug1: Connection established.
debug3: Failed to open file:C:/Users/avggeek/.ssh/id_rsa error:2
debug3: Failed to open file:C:/Users/avggeek/.ssh/id_rsa.pub error:2
debug1: key_load_public: No such file or directory
debug1: identity file C:\\Users\\avggeek/.ssh/id_rsa type -1
debug3: Failed to open file:C:/Users/avggeek/.ssh/id_rsa-cert error:2
debug3: Failed to open file:C:/Users/avggeek/.ssh/id_rsa-cert.pub error:2
debug1: key_load_public: No such file or directory
debug1: identity file C:\\Users\\avggeek/.ssh/id_rsa-cert type -1
debug3: Failed to open file:C:/Users/avggeek/.ssh/id_dsa error:2
debug3: Failed to open file:C:/Users/avggeek/.ssh/id_dsa.pub error:2
debug1: key_load_public: No such file or directory
debug1: identity file C:\\Users\\avggeek/.ssh/id_dsa type -1
debug3: Failed to open file:C:/Users/avggeek/.ssh/id_dsa-cert error:2
debug3: Failed to open file:C:/Users/avggeek/.ssh/id_dsa-cert.pub error:2
debug1: key_load_public: No such file or directory
debug1: identity file C:\\Users\\avggeek/.ssh/id_dsa-cert type -1
debug3: Failed to open file:C:/Users/avggeek/.ssh/id_ecdsa error:2
debug3: Failed to open file:C:/Users/avggeek/.ssh/id_ecdsa.pub error:2
debug1: key_load_public: No such file or directory
debug1: identity file C:\\Users\\avggeek/.ssh/id_ecdsa type -1
debug3: Failed to open file:C:/Users/avggeek/.ssh/id_ecdsa-cert error:2
debug3: Failed to open file:C:/Users/avggeek/.ssh/id_ecdsa-cert.pub error:2
debug1: key_load_public: No such file or directory
debug1: identity file C:\\Users\\avggeek/.ssh/id_ecdsa-cert type -1
debug3: Failed to open file:C:/Users/avggeek/.ssh/id_ed25519 error:2
debug3: Failed to open file:C:/Users/avggeek/.ssh/id_ed25519.pub error:2
debug1: key_load_public: No such file or directory
debug1: identity file C:\\Users\\avggeek/.ssh/id_ed25519 type -1
debug3: Failed to open file:C:/Users/avggeek/.ssh/id_ed25519-cert error:2
debug3: Failed to open file:C:/Users/avggeek/.ssh/id_ed25519-cert.pub error:2
debug1: key_load_public: No such file or directory
debug1: identity file C:\\Users\\avggeek/.ssh/id_ed25519-cert type -1
debug3: Failed to open file:C:/Users/avggeek/.ssh/id_xmss error:2
debug3: Failed to open file:C:/Users/avggeek/.ssh/id_xmss.pub error:2
debug1: key_load_public: No such file or directory
debug1: identity file C:\\Users\\avggeek/.ssh/id_xmss type -1
debug3: Failed to open file:C:/Users/avggeek/.ssh/id_xmss-cert error:2
debug3: Failed to open file:C:/Users/avggeek/.ssh/id_xmss-cert.pub error:2
debug1: key_load_public: No such file or directory
debug1: identity file C:\\Users\\avggeek/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_for_Windows_7.7
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4p1 Debian-10+deb9u7
debug1: match: OpenSSH_7.4p1 Debian-10+deb9u7 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to XX.XX.XXX.XXX:122 as 'avggeek'
debug3: put_host_port: [XX.XX.XXX.XXX]:122
debug3: hostkeys_foreach: reading file "C:\\Users\\avggeek/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file C:\\Users\\avggeek/.ssh/known_hosts:6
debug3: load_hostkeys: loaded 1 keys from [XX.XX.XXX.XXX]:122
debug3: Failed to open file:C:/Users/avggeek/.ssh/known_hosts2 error:2
debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts error:2
debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts2 error:2
debug3: order_hostkeyalgs: prefer hostkeyalgs: [email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug2: host key algorithms: [email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected],[email protected],ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
debug2: ciphers stoc: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
debug2: MACs ctos: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none
debug2: compression stoc: none
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: [email protected],ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256
debug2: host key algorithms: ssh-ed25519,ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256
debug2: ciphers ctos: [email protected],[email protected],[email protected],aes256-ctr,aes192-ctr,aes128-ctr
debug2: ciphers stoc: [email protected],[email protected],[email protected],aes256-ctr,aes192-ctr,aes128-ctr
debug2: MACs ctos: [email protected],[email protected],[email protected],hmac-sha2-512,hmac-sha2-256,[email protected]
debug2: MACs stoc: [email protected],[email protected],[email protected],hmac-sha2-512,hmac-sha2-256,[email protected]
debug2: compression ctos: none,[email protected]
debug2: compression stoc: none,[email protected]
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: [email protected]
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:ceW76IAd8FpgT/DAZIfwSXUa9xSwTljujF+JvKWXq1I
debug3: put_host_port: [XX.XX.XXX.XXX]:122
debug3: put_host_port: [XX.XX.XXX.XXX]:122
debug3: hostkeys_foreach: reading file "C:\\Users\\avggeek/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file C:\\Users\\avggeek/.ssh/known_hosts:6
debug3: load_hostkeys: loaded 1 keys from [XX.XX.XXX.XXX]:122
debug3: Failed to open file:C:/Users/avggeek/.ssh/known_hosts2 error:2
debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts error:2
debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts2 error:2
debug3: hostkeys_foreach: reading file "C:\\Users\\avggeek/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file C:\\Users\\avggeek/.ssh/known_hosts:6
debug3: load_hostkeys: loaded 1 keys from [XX.XX.XXX.XXX]:122
debug3: Failed to open file:C:/Users/avggeek/.ssh/known_hosts2 error:2
debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts error:2
debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts2 error:2
debug1: Host '[XX.XX.XXX.XXX]:122' is known and matches the ECDSA host key.
debug1: Found key in C:\\Users\\avggeek/.ssh/known_hosts:6
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 134217728 blocks
debug1: pubkey_prepare: ssh_fetch_identitylist: Invalid key length
debug2: key: C:\\Users\\avggeek/.ssh/id_rsa (0000000000000000)
debug2: key: C:\\Users\\avggeek/.ssh/id_dsa (0000000000000000)
debug2: key: C:\\Users\\avggeek/.ssh/id_ecdsa (0000000000000000)
debug2: key: C:\\Users\\avggeek/.ssh/id_ed25519 (0000000000000000)
debug2: key: C:\\Users\\avggeek/.ssh/id_xmss (0000000000000000)
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 53
debug3: input_userauth_banner
*****************************************************************
*This is a private SSH service.*
*Unless you know why you are here, Please leave immediately. *
*****************************************************************
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: C:\\Users\\avggeek/.ssh/id_rsa
debug3: no such identity: C:\\Users\\avggeek/.ssh/id_rsa: No such file or directory
debug1: Trying private key: C:\\Users\\avggeek/.ssh/id_dsa
debug3: no such identity: C:\\Users\\avggeek/.ssh/id_dsa: No such file or directory
debug1: Trying private key: C:\\Users\\avggeek/.ssh/id_ecdsa
debug3: no such identity: C:\\Users\\avggeek/.ssh/id_ecdsa: No such file or directory
debug1: Trying private key: C:\\Users\\avggeek/.ssh/id_ed25519
debug3: no such identity: C:\\Users\\avggeek/.ssh/id_ed25519: No such file or directory
debug1: Trying private key: C:\\Users\\avggeek/.ssh/id_xmss
debug3: no such identity: C:\\Users\\avggeek/.ssh/id_xmss: No such file or directory
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
debug3: failed to open file:C:/dev/tty error:3
debug1: read_passphrase: can't open /dev/tty: No such file or directory
[email protected]'s password:

It seems like the SSH_AUTH_SOCK is not actually visible to SSH but apart from that I'm not able to determine what is going wrong. Would appreciate any help that I can get in figuring out what I'm doing wrong!

Support for WSL2

According to a similar project, rupor-github/wsl-ssh-agent#3, it seems this is not possible yet, but I just wanted to make an issue to cover it for anyone else who was doing some digging.

It seems that the Windows/Unix socket interoperability does not work yet for WSL 2.

Connection always refused

Hey there,
I'm currently facing the issue that, no matter what I do, I always get a Connection refused by the ssh-agent inside of my WSL 2 instance.

Here what I did:

  • Downloaded and put the wsl-ssh-pageant-amd64.exe to C:\Tools\wsl-ssh-agent\wsl-ssh-pageant-amd64.exe.
  • Create the directory C:\wsl-ssh-pageant
  • Run Pageant
  • Loaded the public key to Pageant (the key is stored in my KeePass file, KeePassXC loads the key into Pageant)
  • Started wsl-ssh-pageant-amd64.exe within cmd (C:\Tools\wsl-ssh-agent\wsl-ssh-pageant-amd64.exe --systray --wsl C:\wsl-ssh-pageant\ssh-agent.sock --verbose)
  • set SSH_AUTH_SOCK to SSH_AUTH_SOCK
  • Ran ssh-add -l

Output inside of WSL:

[phg@AINCRAD ~]$ export SSH_AUTH_SOCK=/mnt/c/wsl-ssh-pageant/ssh-agent.sock
[phg@AINCRAD ~]$ ssh-add -l
Error connecting to agent: Connection refused

Output from wsl-ssh-pageant-amd64 running on windows:

C:\Users\philip>C:\Tools\wsl-ssh-agent\wsl-ssh-pageant-amd64.exe --systray --wsl C:\wsl-ssh-pageant\ssh-agent.sock --verbose
2020/12/22 15:47:05 Listening on Unix socket: C:\wsl-ssh-pageant\ssh-agent.sock

The strange thing is that I don't get any log messages showing that there was an attempt to connect to the socket.

I also tried to put the socket file in different locations.
No change of this behaviour.

Any ideas where I'm making mistakes?

Powershell Integration

Hi

It would be very useful, if this would work with Powershell too.

# Version
$PSVersionTable

Name                           Value
----                           -----
PSVersion                      7.1.0
PSEdition                      Core
GitCommitId                    7.1.0
OS                             Microsoft Windows 10.0.18363
Platform                       Win32NT
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1
WSManStackVersion              3.0

# Run exe
.\wsl-ssh-pageant-amd64-gui.exe --winssh ssh-pageant -force

# Export
$env:SSH_AUTH_SOCK="\\.\pipe\winssh-pageant"

# Echo
$env:SSH_AUTH_SOCK
\\.\pipe\winssh-pageant

Is there a way to use this within Powershell?

Does not work with Windows <1803

Program exits cleanly without any errors when AF_UNIX is not present on the operating system.
Some kind of warning inside a catch block, maybe?

Strange errors with Gpg4Win

Hello,

I'm the owner of a Gnuk Token (still a smartcard 💯 ), and I followed all the steps to have an ssh-based key working. The problem is, I've got strange errors from the wsl-ssh-pageant.exe
CMD with Admin rights:

C:\Users\Romain>C:\wsl\wsl-ssh-pageant.exe --wsl c:\wsl\ssh-agent.sock --verbose
2020/05/16 20:22:37 Listening on Unix socket: c:\wsl\ssh-agent.sock
2020/05/16 20:22:40 New connection: &{{0xc000182000}}
2020/05/16 20:22:40 Pageant query error 'WM_COPYDATA failed'
2020/05/16 20:22:40 io.ReadFull error 'EOF'
2020/05/16 20:22:44 New connection: &{{0xc0000d0000}}
2020/05/16 20:22:44 Pageant query error 'Could not find Pageant window'
2020/05/16 20:22:44 io.ReadFull error 'EOF'
2020/05/16 20:22:46 New connection: &{{0xc00007f900}}
2020/05/16 20:22:46 Pageant query error 'Could not find Pageant window'
2020/05/16 20:22:46 io.ReadFull error 'EOF'
2020/05/16 20:22:47 New connection: &{{0xc00007fb80}}
2020/05/16 20:22:47 Pageant query error 'Could not find Pageant window'
2020/05/16 20:22:47 io.ReadFull error 'EOF'
2020/05/16 20:23:08 New connection: &{{0xc0000d0280}}
2020/05/16 20:23:08 Pageant query error 'WM_COPYDATA failed'

(C:\wsl is not the path of WSL, if it matters.) I run Debian's WSL.

In WSL, here is the content added to my .bashrc :

gpg-connect-agent.exe /bye
gpg-connect-agent.exe "scd serialno" "learn --force" /bye
SSH_AUTH_SOCK=/mnt/c/wsl/ssh-agent.sock

I'm running the last version of Gpg4win.
I hope there is a solution or someone will find out that I made stupid errors 🥇 .

Romain.

Feature request: --setx parameter

Hi,

I'm sure that most of you are using Copy&Paste when running this nice tool. However, a simple workaround exists: The command SETX.

In Windows you can use SETX SSH_AUTH_SOCK "\\.\pipe\ssh-pageant" (warning, without the equal sign) and then you have the var in your HKEY_CURRENT_USER user environment. So any program that you run/open after it will receive the var. Tip: You can unset/delete with SETX SSH_AUTH_SOCK ""

So my request is to add the parameter --setx to automatically use SETX to "share" the environment variable at starting AND unset it when finalizing.

I hope you agree! 😉

Win32-SSH Not connecting to SSH-Pageant Pipe

I've been trying to set up wsl-ssh-pageant for using GPG-Agent with the built-in OpenSSH of Windows.

The primary reasons for this:

  • .ssh/config file usage
  • Cleaner, can use just cmd or powershell with ssh instead of Putty or Plink
  • (hopefully) SSH integration in VScode should work with my Yubikey and GPG-Agent

I have followed the instructions laid out in the Readme.md, but haven't had any luck.

Environment Variable:
image

CMD wsl-ssh-pageant call:
image

SSH Call:

C:\Users\Will>ssh [User]@[Server IP] -v
OpenSSH_for_Windows_7.7p1, LibreSSL 2.6.5
debug1: Reading configuration data [User Home]/.ssh/config
debug1: Connecting to [Server IP] [[Server IP]] port 22.
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file [User Home]/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file [User Home]/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file [User Home]/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file [User Home]/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file [User Home]/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file [User Home]/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file [User Home]/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file [User Home]/.ssh/id_ed25519-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file [User Home]/.ssh/id_xmss type -1
debug1: key_load_public: No such file or directory
debug1: identity file [User Home]/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_for_Windows_7.7
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.9p1 [Server Type]
debug1: match: OpenSSH_7.9p1 [Server Type] pat OpenSSH* compat 0x04000000
debug1: Authenticating to [Server IP]:22 as 'pi'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:[Server Public Key]
debug1: Host '[Server IP]' is known and matches the ECDSA host key.
debug1: Found key in [User Home]/.ssh/known_hosts:17
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: pubkey_prepare: ssh_get_authentication_socket: No such file or directory
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: [User Home]/.ssh/id_rsa
debug1: Trying private key: [User Home]/.ssh/id_dsa
debug1: Trying private key: [User Home]/.ssh/id_ecdsa
debug1: Trying private key: [User Home]/.ssh/id_ed25519
debug1: Trying private key: [User Home]/.ssh/id_xmss
debug1: No more authentication methods to try.
[User]@[Server IP]: Permission denied (publickey).

Troubleshooting

It seems to me (since there is never output from the --verbose wsl-ssh-pageant call) that the OpenSSH agent is never accessing the pipe.

I checked if the pipe existed and if the Environment variable existed with:

type %SSH_AGENT_SOCK%

Leading to the Output:
image

This leads to an output from the --verbose call:
image

BUT:
Alas, still not working... Is there some weird thing I'm missing?

(I'm also 100% sure GPG-Agent is running since Putty/Plink work, and that it isn't some other Pageant agent, as the GPG authentication [Yubikey] works when ssh is tested with Putty\Plink)

Thanks for the great tool!
Really Hope I can get it working!

HWND not found

Hi,
when I try to use ssh on wsl I get the following error:

WSL AF_UNIX socket listening on c:\Tools\wsl-ssh-pageant\sock\ssh-agent.sock
WslSSHPageant.PageantException: HWND not found
   at WslSSHPageant.PageantHandler.Query(ArraySegment`1 buf) in C:\projects\wsl-ssh-pageant\PageantHandler.cs:line 115
   at WslSSHPageant.SSHAgentClient.<ServiceSocket>d__7.MoveNext() in C:\projects\wsl-ssh-pageant\SSHAgentClient.cs:line 131
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at WslSSHPageant.SSHAgentClient.<WorkSocket>d__6.MoveNext() in C:\projects\wsl-ssh-pageant\SSHAgentClient.cs:line 57
^C
c:\Tools\wsl-ssh-pageant>wsl-ssh-pageant.exe --wsl c:\Tools\wsl-ssh-pageant\sock\ssh-agent.sock
WSL AF_UNIX socket listening on c:\Tools\wsl-ssh-pageant\sock\ssh-agent.sock
WslSSHPageant.PageantException: HWND not found
   at WslSSHPageant.PageantHandler.Query(ArraySegment`1 buf) in C:\projects\wsl-ssh-pageant\PageantHandler.cs:line 115
   at WslSSHPageant.SSHAgentClient.<ServiceSocket>d__7.MoveNext() in C:\projects\wsl-ssh-pageant\SSHAgentClient.cs:line 131
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at WslSSHPageant.SSHAgentClient.<WorkSocket>d__6.MoveNext() in C:\projects\wsl-ssh-pageant\SSHAgentClient.cs:line 57

Socket should be deleted on application exit

I have a shortcut on my shell:startup to open Pageant with my key and after start wsl-ssh-pageant using WSL socket:

"C:\Program Files\PuTTY\pageant.exe" "C:\Users\lucsavc\lucsavc.ppk" -c "C:\Users\lucsavc\software\wsl-ssh-pageant\wsl-ssh-pageant-amd64-gui.exe" --systray --wsl "%TMPDIR%\wsl-ssh-pageant.sock"

When shutting down the computer normally, it seems that the systray application is not stopped and the socket file is left there.
So on the next start, the application won't start as the socket is already there.

New AF_UNIX support in Windows

I have tweaked your wsl-ssh-pageant to use AF_UNIX sockets (available in new insider builds).
I would PR it in, but it isn't in stable yet, so feel free to pull it into a side-branch instead (will PR for sure once it hits stable).
This makes the interface much cleaner and avoids the necessity for socat and forking tons of processes.
https://github.com/Doridian/wsl-ssh-pageant

Pre-release versions triggering Trend Micro Apex One - do pre-releases feature telemetry?

When attempting to launch pre-release version 20200408.1, I get a warning from Trend Micro Apex One:
image

This error does not happen with the release version 20190513.14 - the fact there's a target pointing back to what looks kinda like github suggests that perhaps the pre-releases are trying to phone home with some telemetry? Is this the case?

Is a release version coming soon?

Agent stops working randomly

I am using the agent only on windows, launching it with the following call:

.\wsl-ssh-pageant-amd64-gui.exe -systray --winssh ssh-pageant

I use it to connect my GPG key to OpenSSH on Windows 10 (21H1 19043.1320). Sometimes when I try to connect I notice that the agent is not running any more and I need to restart it.

I have not found the source of what's stopping it but it happens every 2-5 hours.

Following Instructions for WSL results in invalid ELF header

I am trying to get pageant working with WSL2 on windows 10 build 1903 - I'm mainly stuck on the part where the SSH agent opens the DLL for pageant to prompt for authentication. I'm running the following command for my socket on windows Powershell (unelevated):

> pwd
C:\Users\user\.wsl\
> ls
wsl-ssh-pageant.exe
> .\wsl-ssh-pageant.exe --wsl C:\Users\haraksin\.wsl\ssh-agent.sock --systray
2024/01/22 12:59:26 Listening on Unix socket: C:\Users\user\.wsl\ssh-agent.sock

My pageant certificate is a dll, which I have stored in my WSL SSH config as such:

Host myhost-test.com
        User user
        PKCS11Provider "/mnt/c/Program Files/HID Global/ActivClient/acpkcs211.dll"

and when WSL2 tries to open that, it fails with this message:

dlopen /mnt/c/Program Files/Package/acpkcs211.dll failed: /mnt/c/Program Files/Package/acpkcs211.dll: invalid ELF header

I'm unsure where this is failing, at the Npiperelay, or the ssh socket, so I thought I'd start here. Thanks for the help, and I hope this gets other people to a closer solution.

Specifying non-existent directory fails silently

By mistake, I specified a path that doesn't exist as the path for the WSL socket, which failed silently, without any message. I would like it if either wsl-ssh-pageant told me so, or if it created the directory.

Crash on connected

In my environment, it crashes when I try to connect to the Pageant. Until I actually connect the process is running, but it suddenly dies on any connection. Here is a log:

$ while true; do socat UNIX-LISTEN:/tmp/wsl-ssh-pageant.socket,unlink-close,unlink-early TCP4:127.0.0.1:13000; done &
$ export SSH_AUTH_SOCK=/tmp/wsl-ssh-pageant.socket
$ /mnt/c/Program\ Files/wsl-ssh-pageant/wsl-ssh-pageant.exe  &
[2] 6085
$ Listening on 127.0.0.1:13000
$ git pull
Unhandled Exception: System.IO.FileNotFoundException
   at System.Net.SocketAddressPal.GetAddressFamily(Byte[] buffer)
   at System.Net.Sockets.IPEndPointExtensions.Create(EndPoint thisObj, SocketAddress socketAddress)
   at System.Net.Sockets.AcceptOverlappedAsyncResult.PostCompletion(Int32 numBytes)
   at System.Net.Sockets.BaseOverlappedAsyncResult.CompletionPortCallback(UInt32 errorCode, UInt32 numBytes, NativeOverlapped* nativeOverlapped)
   at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32 errorCode, UInt32 numBytes, NativeOverlapped* pOVERLAP)
  • Bash: Bash on Ubuntu on Windows (Ubuntu 16.04), on Windows 10 Creators Update
  • Pageant: Pageant 0.7.0 (bundled to TortoiseGit)

Docker/GPG support

Hello,
I've a working implementation of docker support for forwarding the named pipe (\\.pipe\\docker_engine) into a socket (-docker PATH) usable from wsl. Do you have interest in accepting this functionality into your tool? Maybe you want to keep this tool related to only ssh-pageant, that's why I'm asking before opening a PR.

If you consider this interesting, I would be glad to prepare a PR for review.

Edit: I've taken this a little further by adding gpg support to use for e.g. gpg for signing commits within wsl.

Windows 10 creator support

I just updated to Windows 10 creator edition, and then did a reinstall of my WSL environment. Now wsl-ssh-pageant does not seem to work. Is this a new issue?

Add an error message if the HWND user is not the same as the current user.

Came across this yesterday. If a user inadvertently runs gpg-agent/Pageant as another user (Administrator) then wsl-ssh-pageant will be able to get the window handle, but it will fail sending the WM_COPYDATA message. It would be nice to check the user of the window to give some idea what's going on.

NoGUI executables are blocked for download by browsers due to malicious content.

I tried to download but both 32- and 64 no-gui versions are reported by Chrome, Firefox and Edge as risk files and blocked by default.
VirusTotal shows many av-vendors reporting trojan like code in there. I'm not a coder but if I can do anything to help to make this software work safely please let me know.

//Serge

Application silently exits when SSH_AUTH_SOCK file already exists

I just had an issue where I was unable to execute either wsl-ssh-pageant or wsl-ssh-pageant-gui. Both just exited immediately, without any error message or log file produced. It was quite hard to debug and it took me some time to notice that the SSH_AUTH_SOCK file already existed. Probably some leftover from a previous run. I just deleted the file and it was working again.

It would be good to display some error message in such case to make user's life easier.
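The two reports above (a socket directory that does not exist, and a leftover SSH_AUTH_SOCK file) describe the same gap: nothing is checked or reported before the bind. The pre-flight check below is an added example, not code from wsl-ssh-pageant; `CheckSocketPath`, the sentinel errors and the 100-character limit (taken from the README's "max ~100 characters") are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"io/fs"
	"net"
	"os"
	"path/filepath"
	"time"
)

// Hypothetical sentinel errors for this example (not part of wsl-ssh-pageant).
var (
	ErrPathTooLong = errors.New("socket path too long")
	ErrNoDir       = errors.New("socket directory does not exist")
	ErrInUse       = errors.New("another process is listening on the socket")
	ErrStale       = errors.New("leftover file at socket path")
)

// maxSockPath is an assumed limit based on the README's "max ~100 characters".
const maxSockPath = 100

// CheckSocketPath explains why binding an AF_UNIX socket at path would fail.
// It never creates or deletes anything; the caller decides what to do.
func CheckSocketPath(path string) error {
	if len(path) > maxSockPath {
		return fmt.Errorf("%w: %d characters (limit ~%d)", ErrPathTooLong, len(path), maxSockPath)
	}
	dir := filepath.Dir(path)
	info, err := os.Stat(dir)
	switch {
	case errors.Is(err, fs.ErrNotExist):
		return fmt.Errorf("%w: %s", ErrNoDir, dir)
	case err != nil:
		return fmt.Errorf("cannot inspect %s: %w", dir, err)
	case !info.IsDir():
		return fmt.Errorf("%w: %s is not a directory", ErrNoDir, dir)
	}
	if _, err := os.Lstat(path); errors.Is(err, fs.ErrNotExist) {
		return nil // nothing in the way, the bind can proceed
	} else if err != nil {
		return fmt.Errorf("cannot inspect %s: %w", path, err)
	}
	// Something exists at the path. A successful connect means a live
	// listener owns it; a failed connect means a leftover from an earlier run.
	conn, err := net.DialTimeout("unix", path, 500*time.Millisecond)
	if err == nil {
		conn.Close()
		return fmt.Errorf("%w: %s", ErrInUse, path)
	}
	return fmt.Errorf("%w: %s (remove it and start again)", ErrStale, path)
}

func main() {
	if len(os.Args) != 2 {
		fmt.Fprintln(os.Stderr, "usage: checksock <socket-path>")
		os.Exit(2)
	}
	if err := CheckSocketPath(os.Args[1]); err != nil {
		fmt.Fprintln(os.Stderr, "error:", err)
		os.Exit(1)
	}
	fmt.Println("socket path is usable")
}
```

Reporting a leftover file instead of deleting it keeps the tool from unlinking a socket that another running instance, or another user's process, still owns.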

Installation

Hey there, thanks for the great project.
I wrote a quick installer with PowerShell, which registers wsl-ssh-pageant as a Scheduled Task on startup. Just giving a heads up if you'd like to pull some of the work in here to help out, the license allows it.
I first tried it with an NT service, but the pipe becomes unavailable to processes which are not elevated, so I went with the scheduled task.
https://github.com/giggio/wsl-ssh-pageant-installer
Cheers.

cannot compile

hi,
I am new to visual studio and I am missing some points on how to compile the code.

I managed to open the project, manually set the output path, add a missing assembly reference System.Net but VS persists on the following errors:

Error CS0234 The type or namespace name 'Sockets' does not exist in the namespace 'System.Net' (are you missing an assembly reference?)
Error CS0103 The name 'IPAddress' does not exist in the current context
Error CS0246 The type or namespace name 'TcpListener' could not be found (are you missing a using directive or an assembly reference?)
Error CS0246 The type or namespace name 'TcpClient' could not be found (are you missing a using directive or an assembly reference?)

I verified that .NET 4.0 (full) is installed correctly. I am on VS 2015

Any help would be appreciated.

INI configuration file support

Hi,

After the integration of the SysTray support (#25), this tool has improved the usability.

So, I feel it's time to think about integrating support for a configuration file. When launching the tool without parameters it does nothing. And from the user's point of view, perhaps a simple INI would be interesting.

What do you think?

Forward GPG Sockets to remote?

Hi.

This tool is incredibly awesome and invaluable to me. It's a shame that it's still needed, in my opinion, but I am very thankful for it. Thank you!

Also, I would love to be able to forward my GPG Socket over SSH as well. Is that possible to do with this tool?

compiled binary

re #1 This release is no longer up-to-date, can we get a new compiled binary?

The current one doesn't fit the documentation, and I have no clue how to compile this myself.

A socket operation encountered a dead network

I am unable to run the program since I instantly receive the following error message:

2020/06/24 12:27:39 Could not open socket C:\wsl-pageant\wsl-pageant.sock, error 'listen unix C:\wsl-pageant\wsl-pageant.sock: bind: A socket operation encountered a dead network.'

The call I am using:
.\wsl-ssh-pageant-amd64.exe -wsl "C:\wsl-pageant\wsl-pageant.sock" -systray

Error on windows server

I'm using Windows Server 2019 (1809), and get the error when running ssh-add -L:

error fetching identities: agent refused operation

I checked the gpg-agent output and find the error code of gnupg:

gpg-agent[16056]: ssh map file has a non-matching sid

I have no idea why this error occurs on some Windows systems, but I can simply fix the problem.

Feature request: wsl-ssh-pageant should be able to run in the background

When starting the application, it keeps a command-prompt-style window open.

It should be able to run as a service (it might be possible but undocumented?) or minimise to the notification area.

(Other things that would be nice is clarification on the license that the code is released under and a smaller download (None of those affect the functionality though))

Systray: About link

Hi @mpotthoff ,

As it's possible that the new version with GUI will start to be used a lot for new users, I recommend that you include a Menu Entry with an ABOUT window with a link to the project homepage.

Do you agree?

Windows Defender (and other AV) detects wsl-ssh-pageant-386-gui.exe as malware (false detections)

When downloading the latest release 20200408.1 of wsl-ssh-pageant, Windows Defender triggered an alert and quarantined wsl-ssh-pageant-386-gui.exe as malware.

The alert box includes the following details:

Trojan:Win32/Wacatac.C!ml

Alert level: Severe
Status: Active
Date: 4/18/2020 12:08 PM
Catagory: Trojan
Details: This program is dangerous and executes commands from an attacked

Affected items:
file: c:\Users\user\Downloads\wsl-ssh-pageant.386-gui.exe

agent refused operation

Hello,

I opened another issue on this repo before, which is solved.

Now, it struggles at the moment where I try to connect to my server with ssh.

C:\Users\User\AppData\Roaming\wsl-ssh-pageant>ssh -vvv [email protected]
OpenSSH_for_Windows_7.7p1, LibreSSL 2.6.5
debug3: Failed to open file:C:/Users/User/.ssh/config error:2
debug3: Failed to open file:C:/ProgramData/ssh/ssh_config error:2
debug2: resolving "domain.com" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to domain.com [XX.XX.XX.XX] port 22.
debug1: Connection established.
debug3: Failed to open file:C:/Users/User/.ssh/id_rsa error:2
debug3: Failed to open file:C:/Users/User/.ssh/id_rsa.pub error:2
debug1: key_load_public: No such file or directory
debug1: identity file C:\\Users\\User/.ssh/id_rsa type -1
debug3: Failed to open file:C:/Users/User/.ssh/id_rsa-cert error:2
debug3: Failed to open file:C:/Users/User/.ssh/id_rsa-cert.pub error:2
debug1: key_load_public: No such file or directory
debug1: identity file C:\\Users\\User/.ssh/id_rsa-cert type -1
debug3: Failed to open file:C:/Users/User/.ssh/id_dsa error:2
debug3: Failed to open file:C:/Users/User/.ssh/id_dsa.pub error:2
debug1: key_load_public: No such file or directory
debug1: identity file C:\\Users\\User/.ssh/id_dsa type -1
debug3: Failed to open file:C:/Users/User/.ssh/id_dsa-cert error:2
debug3: Failed to open file:C:/Users/User/.ssh/id_dsa-cert.pub error:2
debug1: key_load_public: No such file or directory
debug1: identity file C:\\Users\\User/.ssh/id_dsa-cert type -1
debug3: Failed to open file:C:/Users/User/.ssh/id_ecdsa error:2
debug3: Failed to open file:C:/Users/User/.ssh/id_ecdsa.pub error:2
debug1: key_load_public: No such file or directory
debug1: identity file C:\\Users\\User/.ssh/id_ecdsa type -1
debug3: Failed to open file:C:/Users/User/.ssh/id_ecdsa-cert error:2
debug3: Failed to open file:C:/Users/User/.ssh/id_ecdsa-cert.pub error:2
debug1: key_load_public: No such file or directory
debug1: identity file C:\\Users\\User/.ssh/id_ecdsa-cert type -1
debug3: Failed to open file:C:/Users/User/.ssh/id_ed25519 error:2
debug3: Failed to open file:C:/Users/User/.ssh/id_ed25519.pub error:2
debug1: key_load_public: No such file or directory
debug1: identity file C:\\Users\\User/.ssh/id_ed25519 type -1
debug3: Failed to open file:C:/Users/User/.ssh/id_ed25519-cert error:2
debug3: Failed to open file:C:/Users/User.ssh/id_ed25519-cert.pub error:2
debug1: key_load_public: No such file or directory
debug1: identity file C:\\Users\\v/.ssh/id_ed25519-cert type -1
debug3: Failed to open file:C:/Users/User/.ssh/id_xmss error:2
debug3: Failed to open file:C:/Users/User/.ssh/id_xmss.pub error:2
debug1: key_load_public: No such file or directory
debug1: identity file C:\\Users\\User/.ssh/id_xmss type -1
debug3: Failed to open file:C:/Users/User/.ssh/id_xmss-cert error:2
debug3: Failed to open file:C:/Users/User/.ssh/id_xmss-cert.pub error:2
debug1: key_load_public: No such file or directory
debug1: identity file C:\\Users\\User/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_for_Windows_7.7
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.9p1 Debian-10+deb10u2
debug1: match: OpenSSH_7.9p1 Debian-10+deb10u2 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to domain.com:22 as 'username'
debug3: put_host_port: [domain.com]:22
debug3: hostkeys_foreach: reading file "C:\\Users\\User/.ssh/known_hosts"
debug3: record_hostkey: found key type ED25519 in file C:\\Users\\User/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from [domain.com]:703
debug3: Failed to open file:C:/Users/User/.ssh/known_hosts2 error:2
debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts error:2
debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts2 error:2
debug3: order_hostkeyalgs: prefer hostkeyalgs: [email protected],ssh-ed25519
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug2: host key algorithms: [email protected],ssh-ed25519,[email protected],[email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
debug2: ciphers stoc: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
debug2: MACs ctos: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none
debug2: compression stoc: none
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,[email protected],diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha256
debug2: host key algorithms: ssh-ed25519
debug2: ciphers ctos: [email protected],[email protected],[email protected],aes256-ctr,aes192-ctr,aes128-ctr
debug2: ciphers stoc: [email protected],[email protected],[email protected],aes256-ctr,aes192-ctr,aes128-ctr
debug2: MACs ctos: [email protected],[email protected],[email protected],hmac-sha2-512,hmac-sha2-256
debug2: MACs stoc: [email protected],[email protected],[email protected],hmac-sha2-512,hmac-sha2-256
debug2: compression ctos: none,[email protected]
debug2: compression stoc: none,[email protected]
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ssh-ed25519
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: Server host key: ssh-ed25519 SHA256:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
debug3: put_host_port: [domain.com]:22
debug3: put_host_port: [domain.com]:22
debug3: hostkeys_foreach: reading file "C:\\Users\\User/.ssh/known_hosts"
debug3: record_hostkey: found key type ED25519 in file C:\\Users\\User/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from [domain.com]:22
debug3: Failed to open file:C:/Users/User/.ssh/known_hosts2 error:2
debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts error:2
debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts2 error:2
debug3: hostkeys_foreach: reading file "C:\\Users\\User/.ssh/known_hosts"
debug3: record_hostkey: found key type ED25519 in file C:\\Users\\User/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from [XX.XX.XX.XX]:22
debug3: Failed to open file:C:/Users/User/.ssh/known_hosts2 error:2
debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts error:2
debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts2 error:2
debug1: Host '[domain.com]:22' is known and matches the ED25519 host key.
debug1: Found key in C:\\Users\\User/.ssh/known_hosts:1
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 134217728 blocks
debug2: key: cardno:XXXXXXXXXX (00000XXXXXXX), agent
debug2: key: C:\\Users\\User/.ssh/id_rsa (0000000000000000)
debug2: key: C:\\Users\\User/.ssh/id_dsa (0000000000000000)
debug2: key: C:\\Users\\User/.ssh/id_ecdsa (0000000000000000)
debug2: key: C:\\Users\\User/.ssh/id_ed25519 (0000000000000000)
debug2: key: C:\\Users\\User/.ssh/id_xmss (0000000000000000)
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: ED25519 SHA256:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX cardno:XXXXXXXXXX
debug3: send_pubkey_test
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 60
debug1: Server accepts key: pkalg ssh-ed25519 blen 51
debug2: input_userauth_pk_ok: fp SHA256:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
debug3: sign_and_send_pubkey: ED25519 SHA256:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
sign_and_send_pubkey: signing failed: agent refused operation
debug1: Trying private key: C:\\Users\\User/.ssh/id_rsa
debug3: no such identity: C:\\Users\\User/.ssh/id_rsa: No such file or directory
debug1: Trying private key: C:\\Users\\User/.ssh/id_dsa
debug3: no such identity: C:\\Users\\User/.ssh/id_dsa: No such file or directory
debug1: Trying private key: C:\\Users\\User/.ssh/id_ecdsa
debug3: no such identity: C:\\Users\\User/.ssh/id_ecdsa: No such file or directory
debug1: Trying private key: C:\\Users\\User/.ssh/id_ed25519
debug3: no such identity: C:\\Users\\User/.ssh/id_ed25519: No such file or directory
debug1: Trying private key: C:\\Users\\User/.ssh/id_xmss
debug3: no such identity: C:\\Users\\User/.ssh/id_xmss: No such file or directory
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
[email protected]: Permission denied (publickey).

I get identical output with WSL.

Commands I ran to set up:

gpg-connect-agent killagent /bye
gpg-connect-agent /bye
gpg-connect-agent updatestartuptty /bye
C:\Users\User\AppData\Roaming\wsl-ssh-pageant>wsl-ssh-pageant-amd64-gui.exe --systray --winssh ssh-pageant --wsl C:\Users\User\AppData\Roaming\wsl-ssh-pageant\ssh-agent.sock

And added the SSH_AUTH_SOCK env variable for both Win SSH and WSL

Output for ssh-add -L for both Windows SSH and WSL:
ssh-ed25519 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX cardno:XXXXXXXXX

I use the Gpg4win apps bundle, and ensured that I have the latest version.

I'm completely lost, I've followed all the steps, using Manjaro Linux or even Termbot app on Android the pubkey auth works flawlessly...

Error connecting to agent: No such file or directory

I'm trying to get this working on Windows 10.

Pageant (by PuTTY-CSC 0.74) is running.
wsl-ssh-pageant is running:

λ wsl-ssh-pageant-amd64 -winssh ssh-pagent
2021/03/16 16:24:03 Listening on named pipe: \\.\pipe\ssh-pagent

Then:

λ set SSH_AUTH_SOCK=\\.\pipe\ssh-pageant
λ ssh-add -l
Error connecting to agent: No such file or directory
λ ssh -vvv SOMEHOST
[...]
debug3: unable to connect to pipe \\\\.\\pipe\\ssh-pageant, error: 2
debug1: pubkey_prepare: ssh_get_authentication_socket: No such file or directory
[...]

Am I doing something wrong?

use WSL SSH agent in Windows

Hi,

I want the opposite ;-)
I use the ssh-agent inside WSL 1 and want to use the keys in Windows applications like vscode.
The reason is that there is no good ssh agent that supports ECDSA-CERT.
Is there a way?

regards
