Unifies the chaotic ssh-agent state under Windows.
On Windows, there are multiple communication methods for SSH agents, leading to complexity in usage and configuration. The following diagram illustrates the current SSH agent communication landscape on Windows.
OmniSSHAgent simplifies this chaotic situation, as shown in the diagram below.
- Windows 11
- Microsoft Edge WebView2
- Pageant.exe (PuTTY) shared memory
- Unix domain socket for WSL2
- NamedPipe on Windows
- Unix domain socket for WSL1
- Unix domain socket for MSYS2 (Cygwin) (#1)
- Download
OmniSSHAgent-amd64-installer.exe
from the latest release, and run the installer. - If you are using the native Windows SSH agent, you will need to stop and disable it. Open PowerShell with administrator privileges and run the following commands:
Stop-Service ssh-agent
Set-Service -StartupType Disabled ssh-agent
- Alternatively, you can do this through the GUI: open the Start menu, type "Services," and select the Services app.
Once open, find the
OpenSSH Authentication Agent
service, setService Status
toStop
, andStartup Type
toDisabled
.
-
If you are using PuTTY Pageant, stop it.
-
Launch
OmniSSHAgent.exe
by double-clicking it. -
Press the
Open new file
button to add a private key file, or use thessh-add
command or KeePassXC to add your private key.
OmniSSHAgent does not have an installer to register itself for startup automatically. To add it manually:
- Press the Windows logo key + R, type
shell:startup
, and click OK. This opens the Startup folder. - Copy and paste a shortcut to
OmniSSHAgent.exe
into the Startup folder.
Choose the instructions for your preferred shell below. If your shell is not listed, you can convert the Bash script syntax and submit a pull request to add it to the repository.
- Download ubuntu.wsl2-ssh-agent-proxy.sh using the following command:
mkdir -p $HOME/wsl2-ssh-agent-proxy
curl -sL https://raw.githubusercontent.com/masahide/OmniSSHAgent/refs/heads/main/hack/ubuntu.wsl2-ssh-agent-proxy.sh -o $HOME/wsl2-ssh-agent-proxy/ubuntu.wsl2-ssh-agent-proxy.sh
- Add the following line to
~/.bashrc
,~/.zshrc
, or the appropriate file for your shell:
source $HOME/wsl2-ssh-agent-proxy/ubuntu.wsl2-ssh-agent-proxy.sh
- Download ubuntu.wsl2-ssh-agent-proxy.fish using the following command:
mkdir -p $HOME/wsl2-ssh-agent-proxy
curl -sL https://raw.githubusercontent.com/masahide/OmniSSHAgent/refs/heads/main/hack/ubuntu.wsl2-ssh-agent-proxy.fish -o $HOME/wsl2-ssh-agent-proxy/ubuntu.wsl2-ssh-agent-proxy.fish
- Add the following line to
~/.config/fish/config.fish
:
. $HOME/wsl2-ssh-agent-proxy/ubuntu.wsl2-ssh-agent-proxy.fish
Setting up a Unix domain socket in the Ubuntu environment:
-
Check the setting for
Unix domain socket file path (WSL1)
in OmniSSHAgent. For example, if the path is set as follows (UserName
will vary based on your environment):C:\Users\<UserName>\OmniSSHAgent.sock
The WSL1 path would be/mnt/c/Users/<UserName>/OmniSSHAgent.sock
. -
Add the following line to
~/.bashrc
:
export SSH_AUTH_SOCK=/mnt/c/Users/<UserName>/OmniSSHAgent.sock
-
Check the setting for
Cygwin Unix domain socket file path (MSYS2)
in OmniSSHAgent.- For example, if the path is (
UserName
will vary based on your environment): C:\Users\<UserName>\OmniSSHCygwin.sock
- The Cygwin path would be
/mnt/c/Users/<UserName>/OmniSSHCygwin.sock
.
- For example, if the path is (
-
To set the
SSH_AUTH_SOCK
variable:- On the Windows taskbar, right-click the Windows icon and select System.
- In the Settings window, under Related Settings, click Advanced system settings.
- On the Advanced tab, click Environment Variables.
- In
User variables
, clickNew
to create a new environment variable:
Variable name: SSH_AUTH_SOCK
Variable value: /mnt/c/Users/<UserName>/OmniSSHAgent.sock
This mode uses OpenSSH ssh-agent NamedPipe or 1Password's ssh-agent function as a backend, as shown in the diagram below.
By enabling "Proxy mode for 1Password key-agent" in the configuration, OmniSSHAgent functions as a proxy for 1Password or OpenSSH's NamedPipe SSH agent.
Note: When "Proxy mode for 1Password key-agent" is enabled, OmniSSHAgent operates solely as a proxy, meaning private keys cannot be added.
- PuTTY private key file (.ppk)
- OpenSSH format
- RSA
- ECDSA
- ED25519
(DSA, ECDSA-SK, ED25519-SK are not supported)
Passphrases are stored in the Windows Credential Manager.