DEV Community

Blikoor
Blikoor

Posted on

How do I manage SSH keys stored in the ssh-agent (Portable OpenSSH)?

• Windows 10 v20H2 • Git v2.33.0.windows.2 • Portable OpenSSH

I'm at my wit's end trying to figure out how to manage SSH keys stored by the ssh-agent. I expect to be able to list the keys and delete all or individual keys as needed. The Microsoft Docs doesn't give any indication of how to do this, but at least point you to the OpenSSH Manual.

However, the commands do not work!
I have searched for solutions on the internet, but I couldn't find any. I'll explain the issue in more detail with the following steps:

I Verified that the path for the ssh-agent used by Git is properly configured and associated with Portable OpenSSH in Windows.

PS Get-Command ssh | Select-Object Source
Enter fullscreen mode Exit fullscreen mode
> Source
> ------
> C:\Windows\System32\OpenSSH\ssh.exe
Enter fullscreen mode Exit fullscreen mode

1. Test the SSH connection to confirm that SSH authentication is working.

PS ssh -T git@github.com
Enter fullscreen mode Exit fullscreen mode
> Enter passphrase for key 'C:\Users\Blikoor/.ssh/id_ed25519':
> Hi blikoor! You've successfully authenticated, but GitHub does not provide shell access.
Enter fullscreen mode Exit fullscreen mode

2. To lists the public keys of all identities currently managed by the ssh-agent. I expected a list containing the Ed25519 key(s) stored by the agent.

PS ssh-add -L
Enter fullscreen mode Exit fullscreen mode
> The agent has no identities.
Enter fullscreen mode Exit fullscreen mode

3. To delete a specific or list of identities from the ssh-agent. I expected the agent to remove the private key corresponding to the specified public key.

PS ssh-add -d $env:USERPROFILE\.ssh\id_ed25519.pub
Enter fullscreen mode Exit fullscreen mode
> Could not remove identity "C:\Users\Blikoor\.ssh\id_ed25519.pub": agent refused operation
Enter fullscreen mode Exit fullscreen mode

4. To delete all identities from the ssh-agent. I expected the agent to remove all the private keys, but even though it seems successful, the SSH authentication test in the next step disproof this assumption.

PS ssh-add -D
Enter fullscreen mode Exit fullscreen mode
> All identities removed.
Enter fullscreen mode Exit fullscreen mode

5. Test the SSH connection again after deleting all keys. I expected that the test will fail, yet the second test is successful as well.

PS ssh -T git@github.com
Enter fullscreen mode Exit fullscreen mode
> Enter passphrase for key 'C:\Users\Blikoor/.ssh/id_ed25519':
> Hi blikoor! You've successfully authenticated, but GitHub does not provide shell access.
Enter fullscreen mode Exit fullscreen mode

Top comments (1)

Collapse
 
blikoor profile image
Blikoor

Subhodeep Chakraborty, thank you for the thoughtful information. 😀
However, in my situation, the OpenSSH service was already running. This question actually has its origin from another post of mine (linked below).