You can find many tutorials online on how to use ssh-agent or ssh-ident correctly.
This is a short and simple two line fix aimed at a specific use i.e. a single connection to a jumphost.
Add this to your .bashrc
alias jump='eval ssh-agent && ssh-add ~/.ssh/id_rsa && ssh -A -i "~/.ssh/id_rsa" jan@jumphost.domain.name'
So now when you type jumphost:
An ssh-agent will start
Relevant keys are added to the agent
You ssh to the jumphost with agent forwarding (-A)
And from the jumphost you can ssh connect to anywhere because you forwarded your keys.
Possible drawbacks:
The primary benefit is that with this method your ssh keys stay on your local machine (and not on e.g. the jumphost). But it also means you still have to enter your ssh passphrase for each session: in my case this is not a problem I usually need one session to my jumphost. If you set up lots of sessions, this may be a problem because you have to keep entering your passphrase (usually one of the reasons of running ssh-agent in the first place) and every session starts it’s own ssh-agent. If you do not use as ssh passphrase this is not an issue (though you really should use a passphrase).
Your ssh-agent will run forever. So add this to ~/.bash_logout
pkill ssh-agent
Drawbacks:
*Any* bash logout will kill your ssh-agent. Again: not a problem if you just use one session at a time.
This setup works for quick access from a let’s say a secondary machine to my jumphost, to quickly check some things. On my primary machine (for real work) I just use this.
I am back to running Windows Terminal + Cygwin, after a stint with MobaXterm. I blogged about it before.
Why:
Windows Terminal is pretty good: it doesn’t get in your way, and it’s fast (*very* important).
Cygwin gives me access to grep, awk, vim and much more.
In the end MobaXterm just had too many quirks. Specifically when changing screens — docking / undocking which I do a lot during the day. However, one thing I really did like about MobaXterm was the integrated SSH agent (MobAgent).
That part worked really well.
That was what kept me from switching back to Windows Terminal and Cygwin.
But I recently found out that Windows 10 comes with its own SSH Agent (?!). That was news to me.
So I now use the Windows SSH Agent. So, not Pageant or OmniSSHAgent or any other Windows SSH Agent or keychain, because these all have issues (I tried them). Also running eval $(ssh-agent) for every new terminal window (that zombies when you close your shell) kind of defeats the purpose of having an SSH agent.
How?
First you need to tell Windows to start the OpenSSH Authentication Agent on boot:
PowerShell can tell you if the agent is running:
Looks good!
And now comes the tricky part. Using Cygwin AND using this ssh-agent i.e. adding and retrieving keys to and from the agent.
Of course you can add keys with ssh-add or by adding the -A parameter to the ssh command.
PS C:\Users\Jan van den Berg> ssh-add.exe .ssh\id_rsa
But you need to understand this next bit first.
When invoking ssh in Cygwin you invoke a different ssh client than the default Windows SSH client. One is the Cygwin ssh client, and the other one is the one that comes with Windows. I blogged about this before.
Spot the differences in this next image:
These are two different SSH clients
And here is the secret (that took me way too long to figure out, thanks ssh -v)
Only when invoking the latter (ssh.exe) you get access to the Windows OpenSSH Agent!
This is especially tricky when you want to specify identity files. Make sure you use the right paths, the Windows SSH client will look in other default paths. Something to consider.
My workflow now is as follows: I have defined a couple of bash aliases in my Cygwin .bashrc file so when I fire up Windows Terminal (fast) I can jump to a specified SSH host with one or two keypresses — all the while using the correct SSH keypair with a passphrase I only have to enter once per Windows boot! (edit: I assumed it would be per boot, but it seems the Windows SSH agent holds the keys forever, that may actually be too much of a good thing….).
alias ms='/cygdrive/c/Windows/System32/OpenSSH/ssh.exe -A -i 'C:\Users\Jan van den Berg\.ssh\mm-id_rsa' jan@myserver'
[UPDATE July 2022: I switched to using MobaXterm which does the job just fine. I don’t like that it is not free/open but I do like that it comes with an integrated SSH agent, which makes life a lot easier]
I had been a happy WSL1 user for many years, but after switching laptops I more or less had to upgrade to WSL2. Which is the same thing but not really.
The thing is, WSL2 startup times are annoyingly slow. And I hate slow. Computers have to be fast and snappy.
So after poking around — many blogs and Github issues — I decided to ditch WSL and move on.
So I entered the world of terminal emulators and unixy environments, which can be overwhelmingly confusing at times.
Windows Terminal
First I settled on Windows Terminal as a terminal emulator. I already starting using this for WSL (which comes default with MinTTY).
MinTTY is used *a lot* and many tools are actually MinTTY under the hood. Cygwin also comes with MinTTY by default. And MinTTY is pretty good, however: it has no tabs.
Windows Terminal is the only terminal emulator I found (on Windows) that does tabs decently! The only other ones I found were ConEmu, but it feels a bit less snappy, and cmder (which uses ConEmu so it has the same problem).
Once you have tabs, you don’t want to go back.
Windows Terminal is a native Windows binary, so that might explain that snappy feel.
So Windows Terminal it is.
But now, how do I get that Linux feel on Windows! WSL1 was pretty perfect, an almost native feeling Linux environment.
There are many alternatives and emulation option (like running VirtualBox or MinGW et al.) but why not go with good, old, trusty Cygwin solution. Their tagline is enticing:
I knew Cygwin from way back, and I noticed it still hasn’t changed its logical, but somewhat archaic installation procedure.
Cygwin installs itself in a folder with a bunch of recompiled for Windows GPLtools, to create a hierarchy that LOOKS and FEELS like a Linux environment.
Fine, whatever.
As long as I can use, grep, rsync, ssh, wget, vim and awk, right?
And I can. Cygwin makes a whole lot of recompiled GNU tools available for Windows — including the above.
However a basic Cygwin installation is pretty minimalistic, so I had to run the installer a few times to get all the software packages I needed (like ssh, vim and wget they are not installed by default). This makes Cygwin a bit different: you can — and usually have to — run the installer a few times to get everything you need.
Next I added Cygwin to my Windows Terminal and made it the default. And with ‘added’ I mean I made a Windows Terminal profile that starts the bash.exe program that comes with Cygwin and drops me in the Cygin homedir (which is actually a Windows path).
A terminal emulator in itself does nothing except handle input / output, and running a shell program like bash enables you to interact with your files (or OS) by sending input signals trough a terminal emulator and processing its output signals.
Cygwin comes with MinTTY by default (of course): if this had (decent) tabs, I’d probably chuck Windows Terminal.
In Windows Terminal you can click a profile together, which edits a JSON file, but you can also directly edit the JSON if you know what you are doing.
Windows Terminal: setting Cygwin
Improvements
I think I really like that Cygwin keeps everything in one folder and doesn’t mess too much with my Windows installation, or path settings and all that. I think (?) it’s just a folder (pretty portable).
Two things though.
Prompt
Cygwin needs a better looking prompt. Well here you go:
export PS1="\u@\h:[\e[1;32m]\w \e[m \D{%T}# "
Try it, you’ll like it. Colors, path, username, time, it has everthing! Put it in your .bash_rc
SSH
I could not figure out why my SSH keys weren’t working when connecting to my server. But when I dropped into verbose mode (ssh -vv) I saw ssh wanted to use keys from C:\Users\Jan van den Berg\.ssh instead of the Cygwin homedir /home/jan/.ssh
I spent waaaaay too much timing thinking why Cygwin would do this, until I noticed the SSH binary I invoked was the default Windows 10 OpenSSH client, which will default to looking in the Windows homedir for ssh keys instead of the Cygwin homedir.
So you have to specifically invoke /bin/ssh (or you can remove the Windows OpenSSH client, or change symlinks, or change paths, whatever works for you).
Spot the difference, on of these is not like the other.
The lesson is: be aware that Cygwin is just a bunch of Windows executables, and it will therefore also look in your Windows path.
Just files
Conclusion
I think I am pretty happy with this setup, mainly because it starts almost instantly! And that was the whole point.
