Connect to Git repository with SSH using Visual Studio 2017

I finally managed to make it work, using PuTTY's Pageant authentication agent instead of ssh-agent, and following the steps mentioned here (it's for Visual Studio Code, but works for Visual Studio 2017 and I guess it should work for any application that uses the "official" Git for Windows).

Since I already had Pageant installed and a .ppk private key created, I only had to make Git use Pageant, by creating the GIT_SSH Windows environment variable and setting it to the path of the "plink.exe" file (inside the PuTTY installation, for example C:\Program Files (x86)\PuTTY\plink.exe). With that done, I just need to open Pageant and add the private key (and leave it open while working with the repository), and Visual Studio will be able to connect and issue commands just fine.


there is another way, works for me.

  1. connect to Git repository use another ssh client, like ssh.exe. accept the connection. it will generate known_hosts file.
  2. copy known_hosts and id_rsa file into C:\Users\[UserName]\.ssh\
  3. Done. even without start-ssh-agent.

seems VS2017 run ssh connection on its own, so it ignores key that ssh-add added, and use default path's key only


Here is a solution which would allow to connect Visual Studio (and Git) to multiple repositories by SSH, with the separate private keys if necessary and ssh authentication agent to handle the keys' passphrases.

It is good for the corporate users, because you don't need administrator rights on your computer to follow the steps below.

It is explained on example of Bitbucket, but can be extended to Github and anything else.

Prerequisites

  • Installed Visual Studio
  • Bitbucket account

Download and install Git

On the opening of a project, Visual Studio will ask you to download and install Git package. You could do so using a link provided in a Visual Studio notification, or using this link.

Install Git for the current user only. Use installation options by default.

Generate your private/public keys pair

  1. Locate a Git folder with ssh-keygen.exe application. By default it is: "%LOCALAPPDATA%\Programs\Git\usr\bin\" for example: "C:\Users\NSM\AppData\Local\Programs\Git\usr\bin\"
  2. Open Command Prompt and go into the folder you found:

    cd "%LOCALAPPDATA%\Programs\Git\usr\bin\"
    
  3. Create a folder to store your keys if it doesn't exist

    mkdir "%HOME%\.ssh"
    
  4. Generate a new ssh key:

    ssh-keygen -t rsa -b 4096 -C "<your email of id>" -f "%HOME%/.ssh/id_rsa_<file name>"
    

    for example:

    ssh-keygen -t rsa -b 4096 -C "nsm" -f "%HOME%/.ssh/id_rsa_nsm"
    

    It is advisable to specify they key's passphrase. Remember the passphrase, you wont be able to recover it if forgotten!

Add your public key to Bitbucket

  1. Open your Bitbucket account management page
  2. Open the SSH keys section and click Add key
  3. Copy and paste content of the generated public key from the "%HOME%/.ssh/" folder. For example: id_rsa_nsm.pub: ssh-rsa AAAAB3Nza<skipped>BkPqxFQ== nsm
  4. Click Add key button to submit your public key

Configure ssh to use your key for Bitbucket source code requests

Create config file in the "%HOME%/.ssh/" folder with the following content:

    AddKeysToAgent yes

    Host <Bitbucket FQDN or any label>
      HostName <Bitbucket FQDN>
      User git
      IdentityFile ~/.ssh/id_rsa_<file name>

For example:

    cd %HOME%/.ssh/
    type config

Output:

    AddKeysToAgent yes

    Host bitbucket.org
      HostName bitbucket.org
      User git
      IdentityFile ~/.ssh/id_rsa_nsm

AddKeysToAgent yes option will add the configured private keys to the ssh authentication agent on demand

Configure Git to use ssh authentication agent

Typing the passphrase every time the private key has been used is a tedious burden. To avoid that we will use the ssh authentication agent

  1. In the folder, where the ssh-keygen utility was found (by default it is: "%LOCALAPPDATA%\Programs\Git\usr\bin\"), create ssh.cmd file with the following content:

    @echo off
    setlocal enabledelayedexpansion
    
    ::: File storing SSH_AUTH_SOCK and SSH_AGENT_PID of the running agent
    set __ssh_agent=%HOME%/.ssh/agent.env
    
    if exist %__ssh_agent% goto loadenv
    
    :startagent
    echo Starting SSH Authentication Agent...
    ssh-agent > %__ssh_agent%
    
    :loadenv
    ::: Loading the agent environment variables from 2 first lines of agent.env:
    ::: SSH_AUTH_SOCK and SSH_AGENT_PID
    set /a __count=0
    for /f "tokens=1 delims=;" %%a in (%__ssh_agent%) do (
      if !__count! LSS 2 (
        set %%a
        set /a __count+=1
      ) else (
        goto endloadenv
      )
    )
    :endloadenv
    
    ::: Checking the agent is running
    for /f "tokens=1 delims=, usebackq" %%a in (`TASKLIST /FI "PID eq %SSH_AGENT_PID%" /FO CSV /NH`) do (
      if not %%a == "ssh-agent.exe" goto startagent
    )
    
    :startssh
    ::: Run ssh, passing to it all command line parameters
    ssh.exe %*
    

    This script will load the ssh authentication agent before ssh.exe is executed and allow ssh.exe to communicate with it through socket specified in the SSH_AUTH_SOCK environment variable.

  2. From the Command Prompt execute the following command:

    git config --global core.sshCommand '%LOCALAPPDATA%/Programs/Git/usr/bin/ssh.cmd'
    

Create a remote for your local repository using the Bitbucket provided link

Replace FQDN in the link with a label you provided in the ./ssh/config file. That will allow you to use config sections with the multiple keys when connecting to Bitbucket or Github repositories

All Done