Did you know that Windows 10 comes with an OpenSSH client?

Starting with the Windows 10 Fall Creators Update (1709), OpenSSH clients are starting to be offered as Windows add-ons. However, it is easy to misunderstand that it is only provided by unfamiliar usage that differs from Linux, or that it is still not supported properly.

In this article, we'll look at how to set up the commonly used client environment related to OpenSSH in a way that's built into Windows 10, and I'll give you some useful tips.

Configure Windows OpenSSH

Start PowerShell as an administrator and use the PowerShell commands below to add Windows components.

Microsoft's current installation of OpenSSH is an add-on package, Feature-On-Demand, not an item in the Add/Remove Windows Components dialog box of the classic Control Panel control.exe. You can install it only by using the following command:

$OpenSSHClient = Get-WindowsCapability -Online | ? Name -like ‘OpenSSH.Client*’
Add-WindowsCapability -Online -Name $OpenSSHClient.Name

Normally, no system restart is required after installation.

After completing the installation, you may enable the ssh-agent service. This service is used to register to not ask for the SSH key password every time. Initially, the service is disabled and stopped, so set the service to autostart, and start it now.

$SSHAgentSvc = Get-Service -Name ‘ssh-agent’
Set-Service -Name $SSHAgentSvc.Name -StartupType Automatic
Start-Service -Name $SSHAgentSvc.Name

You should now close the PowerShell window in administrator mode and work with the PowerShell window open as normal.

Since we are setting up a new system, let's create a new SSH key. Some common utilities have been added along with the OpenSSH client package. Run the ssh-keygen command and answer questions.

ssh-keygen

This creates a key pair from the $HOME\.ssh\id_rsa file and the $HOME\.ssh\id_rsa.pub file.

Now run the ssh-add command to add this key pair to the ssh-agent service.

ssh-add

It automatically registers the $HOME\.ssh\id_rsa key pair, and now you can authenticate with that key pair.

Note: Sometimes the system may have several ssh.exe binary files installed, and the ssh.exe binary path may be duplicated in the PATH environment variable. To debug this problem, review the contents of the path command or the PATH environment variable and change the folder path containing the ssh.exe binary to be used first, or keep only one.

Registering SSH Keys on Github

You need to register the public key of this SSH Key Pair to Github or your Git repository.

Enter the following PowerShell command to copy the public key value to register other systems.

Get-Content -Path $HOME\.ssh\id_rsa.pub | Set-Clipboard

With this command, public key automatically entered on the clipboard.

Then enter the following command to open the GitHub configuration page. (Or you can open the URL below directly in your preferred browser instead of your default browser.)

Start-Process ‘https://github.com/settings/ssh/new'

After that, paste the public key from the clipboard and register it by adding a clear description of the key.

Install Git Client and SSH Client

There are many ways to install the Git client, but I personally recommend the Chocolatey Package Manager as the most intuitive and easy way.

The official Git client installation package exposes a lot of options that can cause side effects, so if you install it incorrectly, you may run into difficulties due to unintended features.

First install the Chocolatey Package Manager if it is not already installed. Because this is a system-level addition of software, allow a few minutes to open a new PowerShell window as an administrator.

Set-ExecutionPolicy Bypass -Scope Process -Force; iex ((New-Object System.Net.WebClient).DownloadString(‘https://chocolatey.org/install.ps1'))

Now enter the command to install the Git for Windows client.

Note: Often, if the Chocolatey.org website enters a regular checkout period, the installation may not proceed properly. In this case, check the Chocolatey.org website and try again later.

choco install git -y

Back in the regular PowerShell window, set the GIT_SSH environment variable. You must specify this environment variable so that Git clients can properly recognize SSH clients on Windows 10.

$SSHPath = (Get-Command -Name ‘ssh.exe’).Source
[Environment]::SetEnvironmentVariable(‘GIT_SSH’, $SSHPath, ‘User’)

Powering PowerShell with oh-my-posh

As the name suggests, oh-my-posh is a Windows PowerShell version of oh-my-zsh that is popular on macOS and Linux these days. And interestingly, it supports some of the features that oh-my-zsh provides.

First run the oh-my-posh installation script. It's listed in PowerShell's official module repository, so the commands are not complicated and simple.

Install-Module posh-git -Scope CurrentUser
Install-Module oh-my-posh -Scope CurrentUser

If you are installing on PowerShell Core for Windows (6.x or later), run the following command.

Install-Module -Name PSReadLine -AllowPrerelease -Scope CurrentUser -Force -SkipPublisherCheck

Edit the Profile file so that the oh-my-posh shell can be loaded automatically when PowerShell starts. If you run the command below, the file will be created if it doesn't exist.

if (!(Test-Path -Path $PROFILE )) { New-Item -Type File -Path $PROFILE -Force }
notepad.exe $PROFILE

Add the following code at the end of the script and save it.

Import-Module posh-git
Import-Module oh-my-posh
Set-Theme Paradox

As a side note, using a programming font with powerline patching looks pretty and doesn't break the glyphs. Run the following command again in an elevated PowerShell and update the console window's font settings with the D2Coding font.

Import-Module posh-git
Import-Module oh-my-posh
Set-Theme Paradox

When all the settings are applied, you will see something like the picture below, and if you move the directory to the Git repository, you will see the branch name look good. This seems to have some assortment. 😎

Appendix 1: Installing the Windows Terminal App

You can go directly to the Windows Terminal app store page by running the following command in PowerShell: As is well known, using Windows Terminal gives you all the benefits of a modern CLI development environment.

Start-Process 'https://www.microsoft.com/store/productId/9N0DX20HK701'

After installation, you can launch the Windows Terminal app directly with wt.exe or wt shortcuts. That is, on Windows, remember wt instead of cmd, powershell or pwsh. 😏

Appendix 2: For SourceTree

Unfortunately, the Git client used by SourceTree does not work with the SSH Agent service provided by Windows. Instead, you can use the keys you created.
In the SourceTree Options window, change the SSH client to OpenSSH as shown below.

At this point, verify that the SSH key is the same as the $HOME\.ssh\id_rsa file created in the previous step. If it is different, specify it again.
When done, press the OK button to save the settings.

Appendix 3: Integrating with Visual Studio Code

If GIT_SSH environment variable is registered properly, integration is completed without any special setting. However, even though you have completed the configuration, if you are still in progress without any message when performing git pull, you can run the ssh-add -l command built-in terminal to check the connection status with the ssh-agent service.