What is OpenSSH ssh-agent?

About

It works on Linux and windows

It stores un/desencrypted private keys in memory, and communicates with SSH clients via Unix_domain_socket

Docker Limitations

With the windows agent:

you don't get a ssh-agent Unix Socket but the npipe \.\pipe\openssh-ssh-agent ¹⁾. Therefore, you can only work with Docker Windows Container
as of today (2024-0-09), SSH Agent forwarding is only for Desktop Docker Mac and Linux.

²⁾ By default the ssh-agent service is disabled.

Get-Service ssh-agent | Set-Service -StartupType Automatic
# start
Start-Service ssh-agent
# status
Get-Service ssh-agent

Status   Name               DisplayName
------   ----               -----------
Running  ssh-agent          OpenSSH Authentication Agent

(get-command ssh-agent.exe).path

C:\Windows\System32\OpenSSH\ssh-agent.exe

On Linux, the ssh-agent binary should already be available, if not use your package manager to install it

Example:

apt-get install openssh

On Git bash, if you want to work with:

In a posix shell, you start the ssh-agent and set the configuration variables with the following command:

ssh-agent -s
# where:
# ssh-agent starts the ssh-agent 
# -s generate commands on stdout

SSH_AUTH_SOCK=/tmp/ssh-asX1VgTTeGM3/agent.1848; export SSH_AUTH_SOCK;
SSH_AGENT_PID=1849; export SSH_AGENT_PID;
echo Agent pid 1849;

You can configure it to start automatically with the following command in .bashrc

eval `ssh-agent -s`

If your private key is not stored in one of the default locations (like ~/.ssh/id_rsa), you'll need to add them.

Add a SSH private key to the ssh-agent created with keygen with the ssh-add

ssh-add ~/.ssh/id_rsa

ssh-add $env:USERPROFILE\.ssh\id_ed25519

ssh-add <directory to private SSH key>

ssh-add -l

Return empty if there is no key

The agent has no identities.

ssh-add -d ~/.ssh/key-to-remove

ssh-add -t <seconds>

¹⁾

²⁾