Can't acess ssh-agent

[ChrisDodd]

So I've followed the instructions about setting up the agent and believe I have it running --

PS C:\windows\system32> Get-Service ssh-agent

Status   Name               DisplayName
------   ----               -----------
Running  ssh-agent          OpenSSH Authentication Agent

but when I try to access it, I get

PS C:\windows\system32> ssh-add -L
error fetching identities: communication with agent failed

I have no spurious SSH related envvars set (saw some other messages related to that), at least as far as I can see from gci Env:

[nightscape]

I just ran into the same problem. Have you found any solutions @ChrisDodd ?

[ChrisDodd]

I eventually "fixed" it by installing/enabling the ssh-server package -- apparently the agent only works properly if the server is installed? Would be nice if the agent could work on pure client machines.

[nightscape]

That was also the "solution" I arrived at, I completely deactivated the SSH Agent in services.msc...

[jmyreen]

For some reason ssh-agent is bundled with the ssh server, although ssh-agent is a helper program for the ssh client. I guess the thinking goes that they are both services, so put them together. See also https://github.com/PowerShell/Win32-OpenSSH/issues/1547#issue-562044258

[blindzero]

Doh...that took me hours to find out because it is so completely unlogic (ssh-agent is for client not for server). Especially as you can enable ssh-agent service and start it even without having the server feature available...

[bagajjal]

ssh-agent is a common to both client and server. Win10, windows server 2019 will have client components installed by default in c:\windows\system32\openssh folder.. You can see ssh-agent in this folder.

[blindzero]

But it is simply not working without -server component which doesn't make sense on clients. I want to use ssh-agent on my clients without installing -server on ALL of them.

[bagajjal]

I tried this on a fresh windows machine. I don't see any problem. By default ssh-agent service is disabled. It has to be set to automatic and then start ssh-agent service.

[blindzero]

With my Win10 19.09 I got

PS C:\windows\system32> ssh-add -L
error fetching identities: communication with agent failed

even though the ssh-agent service was running.

After installing ssh-server and restarting ssh-agent it worked directly.

[ANHPearce]

I am having the same problem. I find it to be a serious issue to have to run sshd in order to use the ssh-agent.

[EdBoraas]

I'm not sure exactly what ssh-agent is depending on ssh-server for, but it doesn't seem to require sshd to actually be running. As a workaround, I just did this:

sc.exe create sshd binPath=C:\Windows\System32\OpenSSH\ssh.exe

(which obviously won't result in a working sshd; this is strictly a "dummy" entry), and this allowed ssh-add to work even in the absence of the real sshd service (and even with this dummy service set to disabled).

I can only guess that ssh-agent/ssh-add is trying to look something up with respect to the sshd service, and failing when it can't find it. Hopefully this workaround helps.

[Pcres91]

@EdBoraas I don't know what that was doing but it solved this issue for me in such a simple manner, thank you. Windows really should get around to addressing this.

[colececil]

I had ssh-agent working on my machine a few days ago, but it wasn't working today for some reason (I only have the client installed, not the server). This solution by @EdBoraas fixed it for me. Thanks!

sc.exe create sshd binPath=C:\Windows\System32\OpenSSH\ssh.exe

From what I gather, sshd is the name of the OpenSSH server process, and creating a dummy service for it somehow tricks Windows into thinking that OpenSSH server is running, which gets around the dependency issue. Is this correct?

[EdBoraas]

@colececil Yes, that's exactly what I think is happening. It doesn't even seem to care if it's running or not, but it seems to fail if there's no service by that name.

[TCB13]

I had ssh-agent working on my machine a few days ago, but it wasn't working today for some reason (I only have the client installed, not the server). This solution by @EdBoraas fixed it for me. Thanks!

sc.exe create sshd binPath=C:\Windows\System32\OpenSSH\ssh.exe

From what I gather, sshd is the name of the OpenSSH server process, and creating a dummy service for it somehow tricks Windows into thinking that OpenSSH server is running, which gets around the dependency issue. Is this correct?

This doesn't work because...

> sudo sc.exe create sshd binPath=C:\Windows\System32\OpenSSH\ssh.exe
[SC] CreateService FAILED 1073:

The specified service already exists.

Installed via scoop install openssh, version 8.9.1.0p1. Run sudo ~\scoop\apps\openssh\current\install-sshd.ps1 after installation as suggested.

> ssh-add.exe -L
error fetching identities: communication with agent failed

> Get-Service ssh-agent

Status   Name               DisplayName
------   ----               -----------
Running  ssh-agent          OpenSSH Authentication Agent

> Get-Service sshd

Status   Name               DisplayName
------   ----               -----------
Stopped  sshd               OpenSSH SSH Server

> systeminfo
....
OS Name:                   Microsoft Windows 10 Enterprise
OS Version:                10.0.18363 N/A Build 18363

This makes no sense.

Update:

1. sudo ~\scoop\apps\openssh\current\uninstall-sshd.ps1
2. sudo scoop uninstall openssh
3. Installed a new one via Windows Additional Features
4. sudo Set-Service ssh-agent -StartupType Automatic
5. sudo Start-Service ssh-agent

Everything works now.