Remove the preinstalled OpenSSH build from your PATH by going to the Environment Variables editor under System Properties, selecting PATH under the machine variables, clicking Edit, and deleting the OpenSSH entry. As a result, if you’re using a Yubikey for SSH, you need to do this step.įirst, you’ll need to remove parts of the preinstalled OpenSSH build as they’ll conflict with the new one. The version of OpenSSH shipped with current builds of Windows 10 (1909 as of this writing) is a few versions out of date, and more importantly was built before Microsoft enabled PKCS#11 support.
#Putty ssh agent update#
Configuring the OpenSSH SSH Agent Optional: Update Native OpenSSH I find Pageant to be less stable and user-friendly than the traditional SSH agent, but you can use either.
The main reason to use Pageant is if you use putty-cac for interfacing with non-PKCS#11 smart cards and certificates that are only available via the Microsoft CAPI (including the TPM-backed certificates from my previous post) 1 2. Let’s fix that!įirst, you’ll need to decide whether you want to use Pageant or the native SSH Agent. Windows 10 also includes a native build of OpenSSH, which means you don’t even need to use WSL to SSH into your other machines! Unfortunately, neither option has any ssh-agent running by default, so if you have passphrase protected keys (which you should!), then you’ll need to enter the passphrase every time you want to use them. The first is the Windows Subsystem for Linux, which implements a subset of the Linux Kernel’s system calls to allow you to run native Linux userland utilities such as bash and friends, and ssh. Windows 10 ships with two awesome features for users and developers who still work in Linux land.