By Danny Dai Smith

2013-07-24 23:26:10 8 Comments

I am running into this error of:

$ git push heroku master
Warning: Permanently added the RSA host key for IP address '' to the list of known hosts.
!  Your key with fingerprint b7:fd:15:25:02:8e:5f:06:4f:1c:af:f3:f0:c3:c2:65 is not authorized to access bitstarter.

I tried to add the keys and I get this error below:

$ ssh-add ~/.ssh/
Could not open a connection to your authentication agent.


@aqm 2019-03-20 15:17:57

For window users, I found cmd eval `ssh-agent -s` didn't work, but using git bash worked a treat eval `ssh-agent -s`; ssh-add KEY_LOCATION, and making sure the windows service "OpenSSH Key Management" wasn't disabled

@bp zhang 2018-10-11 02:26:37


ssh-agent bash

To get more details you can search


or run

man ssh-agent

@Neeraj Sewani 2019-02-23 17:59:44

I would recommend that If you are working with git bash on windows then try this.

@SomeGuyOnAComputer 2019-02-28 09:18:52

@neer17 this allowed me to use ssh-copy-id on ubuntu. Unsure why I couldn't add the key without using ssh-agent to launch bash.

@Alfabravo 2019-04-03 22:35:11

This is the one for Windows! (tested on W10pro build 1809 and git 2.21.0)

@herrera 2020-04-08 18:53:37

I am using ZSH and this works for me: ssh-agent zsh; ssh-add

@Svend Hansen 2020-08-11 06:59:43

My Cygwin and Git Bash were working fine, but for some reason the Console opened from the Fork client didn't work, and this fixed it. I'll probably just use Git Bash in the future, but at least I know how to get it to work now :)

@Akram 2019-01-16 12:12:57

I had the same problem on Ubuntu and the other solutions didn't help me. I finally realized what my problem was. I had created my ssh keys in /root/.ssh folder, So even when I ran ssh-add as root, it couldn't do its work and keep saying

Could not open a connection to your authentication agent.

I created my ssh public and private keys in /home/myUsername/ folder and I used

ssh-agent /bin/sh

then I ran

ssh-add /home/myUsername/.ssh/id_rsa

and problem was solved this way.

Note: For accessing your repository on git add your git password when you are creating ssh keys with ssh-keygen -t rsa -C "your git email here".

@vinsinraw 2016-01-07 10:31:20

Instead of using $ ssh-agent -s, I used $ eval `ssh-agent -s` to solve this issue.

Here is what I performed step by step (step 2 onwards on GitBash):

  1. Cleaned up my .ssh folder at C:\user\<username>\.ssh\
  2. Generated a new SSH key
    $ ssh-keygen -t rsa -b 4096 -C "[email protected]"
  3. Check if any process id(ssh agent) is already running.
    $ ps aux | grep ssh
  4. (Optional) If found any in step 3, kill those
    $ kill <pids>
  5. Started the ssh agent
    $ eval `ssh-agent -s`
  6. Added ssh key generated in step 2 to ssh agent
    $ ssh-add ~/.ssh/id_rsa

@Chutipong Roobklom 2018-09-10 02:43:58

'eval' is not recognized as an internal or external command, operable program or batch file.

@Mohit Satish Pawar 2018-10-14 10:57:36

You can just restart agent by eval ssh-agent -s and add older key using ssh-add ~/.ssh/id_rsa. If you generate new SSH key then you will need to update that key in all your services such as github, bitbucket, etc.

@Michal Vician 2019-12-06 09:23:05

Is there a way make this survive Windows restarts? After the restart it don't work until I launch "eval ssh-agent -s" and "ssh-add ~/.ssh/id_rsa" again.

@Sujit.Warrier 2020-03-13 05:48:58

after searching for a long time, this is the solution that worked

@avivamg 2020-05-25 14:33:10

Great Explanation!

@Renato Silva 2014-06-22 01:22:35

Note: this is an answer to this question, which has been merged with this one. That question was for Windows 7, meaning my answer was for Cygwin/MSYS/MSYS2. This one seems for some unix, where I wouldn't expect the SSH agent needing to be managed like this.

This will run the SSH agent and authenticate only the first time you need it, not every time you open your Bash terminal. It can be used for any program using SSH in general, including ssh itself and scp. Just add this to /etc/profile.d/

ssh-auth() {
    # Start the SSH agent only if not running
    [[ -z $(ps | grep ssh-agent) ]] && echo $(ssh-agent) > /tmp/

    # Identify the running SSH agent
    [[ -z $SSH_AGENT_PID ]] && source /tmp/ > /dev/null

    # Authenticate (change key path or make a symlink if needed)
    [[ -z $(ssh-add -l | grep "/home/$(whoami)/.ssh/id_rsa") ]] && ssh-add

# You can repeat this for other commands using SSH
git() { ssh-auth; command git "[email protected]"; }

@Shog9 2014-07-24 19:03:11

@alexis 2015-03-30 15:02:30

ssh-agent process do not seems to be associated with the same terminal used to run it. I guess ps -A | grep ssh-agent or ps h -C ssh-agent should be used instead of ps | grep ssh-agent

@alexis 2015-03-30 22:40:17

Using a hyphen in the function name might not be recommended. I don't know why, but read this. For instance, I found that echo ssh-auth | bash will fail.

@ST-DDT 2018-07-10 09:19:21

You can simplyfy this a bit more. Just check whether it is running and assign the env variables. And then add AddKeysToAgent yes (or use prompt) to your ssh config entry (use Host * for all Hosts.) That way you will only be asked for the SSH password if you actually try to connect otherwise you might be asked for a password for a simple git diff or git status.

@Ari Sweedler 2018-07-11 23:57:23

$HOME/.ssh might be more robust than /home/$(whoami)/.ssh

@oklas 2017-10-13 19:40:20

The basic solution to run ssh-agent is answered in many answers. However runing ssh-agent many times (per each opened terminal or per remote login) will create a many copies ot ssh-agent running in memory. The scripts which is suggested to avoid that problem is long and need to write and/or copy separated file or need to write too many strings in ~/.profile or ~/.schrc. Let me suggest simple two string solution:

For sh, bash, etc:

# ~/.profile
if ! pgrep -q -U `whoami` -x 'ssh-agent'; then ssh-agent -s > ~/; fi
. ~/

For csh, tcsh, etc:

# ~/.schrc
sh -c 'if ! pgrep -q -U `whoami` -x 'ssh-agent'; then ssh-agent -c > ~/.ssh-agent.tcsh; fi'
eval `cat ~/.ssh-agent.tcsh`

What is here:

  • search the process ssh-agent by name and by current user
  • create appropriate shell script file by calling ssh-agent and run ssh-agent itself if no current user ssh-agent process found
  • evaluate created shell script which configure appropriate environment

It is not necessary to protect created shell script ~/.ssh-agent.tcsh or ~/ from another users access because: at-first communication with ssh-agent is processed through protected socket which is not accessible to another users, and at-second another users can found ssh-agent socket simple by enumeration files in /tmp/ directory. As far as about access to ssh-agent process it is the same things.

@Lebnik 2016-08-09 13:31:12

Use parameter -A when you connect to server, example:

ssh -A [email protected]

from man page :

-A Enables forwarding of the authentication agent connection.  
   This can also be specified on a per-host basis in a configuration file.

   Agent forwarding should be enabled with caution.  Users with the ability to bypass file permissions on the remote host (for the agent's
   UNIX-domain socket) can access the local agent through the forwarded 
   connection.  An attacker cannot obtain key material from the agent,
   however they can perform operations on the keys that enable them to
   authenticate using the identities loaded into the agent.

@erikbwork 2017-05-24 08:01:22

What does it do and why?

@Scott Stensland 2017-07-02 22:04:31

as per man page ... man ssh ... -A Enables forwarding of the authentication agent connection. This can also be specified on a per-host basis in a configuration file.

@null_pointer 2017-06-09 18:12:56

Here is the solution I came up with when using PowerShell.

Add the below function to your Microsoft.PowerShell_profile.ps1

function RunSsh($userIdentity ) {

   [Environment]::SetEnvironmentVariable($variableName, $agent[0].Substring($position+1,$ending-$position-1))


   [Environment]::SetEnvironmentVariable($variableName, $agent[1].Substring($position+1,$ending-$position-1))

   if($userIdentity.Length -eq 0) {
   } else {
      ssh-add $userIdentity

Now from the command line you can run RunSsh which uses identity file in ~\.ssh folder or pass in the identity file with RunSsh C:\ssh\id_rsa where C:\ssh\id_rsa is your identity file.

For this to work you need to have ssh-add and ssh-agent in your path environment variable.

@Kip 2016-04-26 16:07:14

For bash built into Windows 10, I added this to .bash_profile:

if [ -z $SSH_AUTH_SOCK ]; then
    if [ -r ~/.ssh/env ]; then
            source ~/.ssh/env
            if [ `ps -p $SSH_AGENT_PID | wc -l` = 1 ]; then
                    rm ~/.ssh/env
                    unset SSH_AUTH_SOCK

if [ -z $SSH_AUTH_SOCK ]; then
    ssh-agent -s | sed 's/^echo/#echo/'> ~/.ssh/env
    chmod 600 ~/.ssh/env
    source ~/.ssh/env > /dev/null 2>&1

@erikbwork 2017-05-24 08:04:03

I don't know why you paste so much text if you could've just said to call $(ssh-agent -s) to set the agent's environment.

@yspreen 2017-11-23 20:06:30

This worked for me when I used it the first time. But after a system reboot, it actually caused the issue to be worse. With ssh not working at all anymore. Not recommended.

@user456814 2013-07-25 03:37:31

Did You Start ssh-agent?

You might need to start ssh-agent before you run the ssh-add command:

eval `ssh-agent -s`

Note that this will start the agent for msysgit Bash on Windows. If you're using a different shell or operating system, you might need to use a variant of the command, such as those listed in the other answers.

See the following answers:

  1. ssh-add complains: Could not open a connection to your authentication agent
  2. Git push requires username and password (contains detailed instructions on how to use ssh-agent)
  3. How to run (git/ssh) authentication agent?.
  4. Could not open a connection to your authentication agent

To automatically start ssh-agent and allow a single instance to work in multiple console windows, see Start ssh-agent on login.

Why do we need to use eval instead of just ssh-agent?

To find out why, see Robin Green's answer.

Public vs Private Keys

Also, whenever I use ssh-add, I always add private keys to it. The file ~/.ssh/ looks like a public key, I'm not sure if that will work. Do you have a ~/.ssh/id_rsa file? If you open it in a text editor, does it say it's a private key?

@xtian 2013-10-05 19:50:07

Waaa? Why is this getting up-voted with the phrase 'always add private keys'? No offense Cupcake, but this flies in the face of the defined advantage of pub/priv keys: "The critical advantage in an asymmetric key system is [...] never need to send a copy of their [private] keys to each other." 1. I'm not saying it doesn't work, I'm just saying its like a vegan eating Risotto because that's what the recipe says--or whatever.

@user456814 2013-10-05 20:00:42

@xtian I'm not sure that I understand the issue. I don't know the exact details, but I'm guessing that the private key is never sent over the network. I think ssh-add merely decrypts an encrypted private key on the host machine, so that it can be used's never sent to anyone. I'm guessing that only the public keys are ever sent over a network. Is my understanding incorrect?

@xtian 2013-10-06 00:16:23

You're too kind Cupcake. You're absolutely right. My bad. ex here; ssh-add adds the private key for the user's ssh-agent (running process) can act on the client/host's behalf with the server accepting rsa-whatever keys. Geez. I don't know what made me so excited.

@Ross Aiken 2013-10-25 00:00:02

@xtian getting ssh-add confused with ssh-copy-id? After a several-month-long hiatus from Linux, I stumbled on this question while trying to find the latter....

@user456814 2014-01-03 18:05:50

@Ali may I ask what specifically you do not understand?

@Ali 2014-01-03 18:10:14

@cupcake I mean, what is the original problem that is being resolved here, it solved the problem what ever it was, but I want to understand how it works, thanks,

@DanielM 2014-03-07 15:30:00

I'm curious why eval ssh-agent -s works, but ssh-agent on it's own doesn't.

@Vanessa Phipps 2014-04-28 16:44:26

@DanielM: SSH needs two things in order to use ssh-agent: an ssh-agent instance running in the background, and an environment variable set that tells SSH which socket it should use to connect to the agent (SSH_AUTH_SOCK IIRC). If you just run ssh-agent then the agent will start, but SSH will have no idea where to find it.

@ThorSummoner 2014-07-04 21:10:37

I had to kill [PID] my existing ssh-agent, and restart it like said in the answer. I located the current running ssh-agent with ps | grep ssh-agent on WindowsNT git bash

@Weishi Zeng 2014-09-12 22:26:02

@Cupcake How come eval will set the SSH_AUTH_SOCK for you? Could I also start ssh-agent and set the environment variable manually?

@user456814 2014-09-12 23:46:49

@WeishiZeng sorry, I don't know.

@Weishi Zeng 2014-09-13 01:22:58

Thanks for replying though. I just noticed that you used backquote in the command. I am so confused why the backquote (`) work for eval command but not single/double quote (', ") on my bash shell?

@user456814 2014-09-13 08:31:18

@WeishiZeng sorry, I don't know enough about Bash to explain why only backquotes work in this case either.

@Imad Moqaddem 2014-11-26 22:42:20

@WeishiZeng I know this is kind of late to answer, but it could help people.The command inside backquotes is executed in a new shell, and the output is sent to eval. If you execute ssh-agent, and copy/paste the output, then execute it, it will work as if you did use backquotes.

@emeraldhieu 2014-12-05 04:52:42

"'eval' is not recognized as an internal or external command, operable program or batch file.". How to fix it? (Windows 7)

@Kiran Mohan 2015-07-09 06:02:38

For an automated solution for CYGWIN BASH, check my reply to the question

@puk 2015-07-16 04:28:50

It might be useful to mention that "$(eval ssh-agent)" expires after a while (for me it was after I ended ssh session). Please indicate how to always launch ssh agent

@RonnyKnoxville 2015-08-03 10:25:36

Strangely ssh-add ~/.ssh/ did not work, but ssh-add added the relevant directory anway

@0andriy 2015-08-24 09:41:44

It could be a problem if gnome-keyring-daemon crashed. So, I found useful the… article

@information_interchange 2017-11-10 21:28:06

does anyone know how to do this in powershell? when you try it in ps: eval : The term 'eval' is not recognized as the name of a cmdlet, function, script file, or operable program. Check

@Damian Dixon 2018-04-24 18:03:53

If you are using git-bash on Windows check out the answer by Victor Alves below as his solution worked for me on Windows 10.

@Eduardo 2018-11-08 16:46:00

It worked for me, thank you. But I accidentally downvoted, if anyone edit this, I will be able to fix my vote (I will be grateful).

@Jee 2019-06-24 22:07:09

This worked like a charm. I've experienced the issue on a newly installed Linux distro.

@Jonathan DeMarks 2015-12-04 13:10:37

For PowerShell in Windows

I was having trouble with PoSH and the Start-SshAgent / Add-SshKey commands, so I whipped up a quick script that might help some folks out. This is intended to be added to your PowerShell profile which you can edit by executing notepad $PROFILE

if ($(Get-Process ssh-agent) -eq $null)
    $ExecutionContext.InvokeCommand.ExpandString($(ssh-agent -c).Replace("setenv", "set"));

It will detect if the ssh-agent is running or not and only execute if there is no agent running already. Please note that $ExecutionContext.InvokeCommand.ExpandString is a pretty dangerous command so you may not want to use this solution if you are using an untrusted copy of ssh-agent.

@BraveNewMath 2015-11-25 23:47:17

Also check you remote url. use [email protected] instead of https:// proptocol


@Chris Snow 2013-07-17 08:54:25

Could not open a connection to your authentication agent

To resolve this error:


$ eval `ssh-agent -s`


$ eval `ssh-agent -c`

Then use ssh-add as you normally would.

Hot Tip:

I was always forgetting what to type for the above ssh-agent commands, so I created an alias in my .bashrc file like this:

alias ssh-agent-cyg='eval `ssh-agent -s`'

Now instead of using ssh-agent, I can use ssh-agent-cyg


$ ssh-agent-cyg
SSH_AUTH_SOCK=/tmp/ssh-n16KsxjuTMiM/agent.32394; export SSH_AUTH_SOCK;
echo Agent pid 32395;
$ ssh-add ~/.ssh/my_pk

Original Source of fix:

@Chris Snow 2013-11-13 07:48:56

you will need to run the eval command every time you would have previously ran ssh-agent. I use an alias now, see the updated answer for how I do this.

@Shog9 2014-07-24 19:02:28

@RunHolt 2015-10-07 17:34:12

I also needed to use the ssh specification instead of https (see

@Nishant Ghodke 2017-01-25 12:05:57

You sir, you are awesome. Thanks. ** I faced the same problem while cloning a bitbucket repo, I'd already setup an ssh key, but kept getting error: fatal: Could not read from remote repository..

@desmond13 2019-01-30 10:49:04

Worked for me on windows 10 and git bash installed

@Kiran Mohan 2015-07-09 05:48:04

Read @cupcake's answer for explanations. Here I only try to automate the fix.

If you using Cygwin terminal with BASH, add the following to $HOME/.bashrc file. This only starts ssh-agent once in the first Bash terminal and adds the keys to ssh-agent. (Not sure if this is required on Linux)

# start ssh-agent for
# ssh authentication with
if [ ! -e $SSH_AUTH_SOCK_FILE ]; then
    # need to find SSH_AUTH_SOCK again.
    # restarting is an easy option
    pkill ssh-agent
# check if already running
SSH_AGENT_PID=`pgrep ssh-agent`
if [ "x$SSH_AGENT_PID" == "x" ]; then
#   echo "not running. starting"
    eval $(ssh-agent -s) > /dev/null
    ssh-add $HOME/.ssh/github.com_id_rsa 2>&1 > /dev/null
#   echo "already running"

DONT FORGET to add your correct keys in "ssh-add" command.

@BIOHAZARD 2015-06-12 13:58:51

In Windows 10 I tried all answers listed here but none of them seemed to work. In fact they give a clue. To solve a problem simply you need 3 commands. The idea of this problem is that ssh-add needs SSH_AUTH_SOCK and SSH_AGENT_PID environment variables to be set with current ssh-agent sock file path and pid number.

ssh-agent -s > temp.txt

This will save output of ssh-agent in file. Text file content will be something like this:

SSH_AUTH_SOCK=/tmp/ssh-kjmxRb2764/agent.2764; export SSH_AUTH_SOCK;
echo Agent pid 3044;

Copy something like "/tmp/ssh-kjmxRb2764/agent.2764" from text file and run following command directly in console:

set SSH_AUTH_SOCK=/tmp/ssh-kjmxRb2764/agent.2764

Copy something like "3044" from text file and run following command directly in console:

set SSH_AGENT_PID=3044

Now when environment variables (SSH_AUTH_SOCK and SSH_AGENT_PID) are set for current console session run your ssh-add command and it will not fail again to connect ssh agent.

@Isochronous 2015-07-09 17:36:53

Thank you! This was exactly what I needed.

@Jaskey 2015-10-20 05:33:15

No , still the same.

@K.Nicholas 2015-12-04 18:07:37

These steps are the same as doing 'eval $(ssh-agent)'

@ntl 2016-03-01 22:26:55

Fixed on my Windows 10! Thank you!

@Tomas Prado 2016-03-05 11:59:37

Thank you for explaining exactly what's going on, instead of just throwing bash commands at the answer.

@Frank Merrow 2018-10-16 22:48:54

WOW, what a journey . . . Thank you so much. I would add one comment for Jaskey or others where it seemed to fail. The environment variables need to be set in any session where you are using git.exe . . . NOT JUST ssh-add. In short, to use this solution, once you get ssh-agent running and ssh-add done, you need to make sure those environment variables are set in any terminal session where you want to use git.exe. In my case, I got ssh-add to work finally and but then git.exe failed . . . it was only then that I "saw the light" about the "terminal session" comments.

@greg hor 2019-09-23 13:23:22

This actually helped me to save the issue on Linux...just needed to replace set by export

@kenorb 2015-03-26 21:13:48

Try the following:

ssh-agent sh -c 'ssh-add && git push heroku master'

@Leon Grapenthin 2016-01-06 19:42:49

Looks like a clean way to do this.

@kecco 2015-02-25 11:44:41

This worked for me.

In the CMD window, type the following command:

cd path-to-Git/bin # (for example,cd C:\Program Files\Git\bin)
exec ssh-agent bash
ssh-add path/to/.ssh/id_rsa

@n3o 2013-07-19 06:12:03

I faced the same problem for Linux, and here is what I did:

Basically, the command ssh-agent starts the agent, but it doesn't really set the environment variables for it to run. It just outputs those variables to the shell.

You need to:

eval `ssh-agent`

and then do ssh-add. See Could not open a connection to your authentication agent.

@Shog9 2014-07-24 19:02:39

@Veve 2015-05-09 12:00:38

Worked for me too while having problem using boot2docker on Windows.

@Tom 2015-07-27 10:43:55

This was what it took for me.

@Vladius 2015-01-20 21:34:10

If you are using Putty, perhaps you need to set the "Connection/SSH/Auth/Allow agent forwarding" option to "true".

enter image description here

@Moonwalker 2014-11-17 14:14:01

I had a similar problem when I was trying to get this to work on Windows to connect to stash via ssh

Here is the solution that worked for me.

  1. Turns out I was running Pageant ssh agent on my Windows box - I would check what you are running. I suspect it is Pageant as it comes as default with Putty and winScp

  2. The ssh-add does not work from command line with this type of agent

  3. You need to add the private key via pageant UI window which you can get by doublicking the Pageant icon in the taskbar (once it is started).

  4. Before you add the key to Pageant you need to convert it to PPK format. Full instructions are available here How to convert SSH key to ppk format

  5. That is it. Once I uploaded my key to stash I was able to use SourceTree to create a local repo and clone the remote.

Hope this helps...

@ChechoroArtem 2013-11-26 13:47:33

Try to the following steps:

1) Open Git Bash and run: cd ~/.ssh

2) Try to run agent : eval $(ssh-agent)

3) Right now, you can run the following command : ssh-add -l

@Frug 2014-01-09 19:39:47

This is the only solution here that worked for me (on windows 7). First I used the ps aux | grep ssh and the kill command in Rick's answer to kill the agents. After that ssh-add worked without the -l switch (Using -l gave an error). eval 'ssh-agent' as in Rick's answer did not work, I had to use eval $(ssh-agent) like in Chechoro's answer here.

@Weblurk 2014-05-30 16:16:00

+1 I had the exact same problem as OP (Windows 7) and this is the only solution that worked for me.

@Shog9 2014-07-24 19:02:48

@M.M 2015-05-12 04:09:52

@Frug It is backticks, not apostrophes; in shell script that means to execute what's contained inside. $(ssh-agent) is equivalent to `ssh-agent` but more readable.

@Fahim Boron 2014-11-08 13:20:31

If you follow these instructions, your problem would be solved.

If you’re on a Mac or Linux machine, type:

eval "$(ssh-agent -s)"

If you’re on a Windows machine, type:

ssh-agent -s

@Devendra Singh 2014-04-19 10:24:44

Even I was getting "Could not open a connection to your authentication agent." on running the command while generating and adding SSH key: ssh-add ~/.ssh/id_rsa. I resolved it by stopping the multiple ssh-agent instances running on my machine and then uninstalled the Git from control panel on my windows machine and then again installed Git and things were working now.

@Shog9 2014-07-24 19:03:18

@SrBlanco 2014-06-25 18:47:21

Using Git Bash on Win8.1E, my resolution was as follows:

eval $(ssh-agent) > /dev/null
ssh-add ~/.ssh/id_rsa

@user456814 2014-07-04 21:12:42

Why is it necessary to output to /dev/null? Your answer basically does the exact same thing as this one.

@user456814 2014-07-04 21:41:45

Also, I'd like to point out that ~/.ssh/id_rsa is the default key, so you shouldn't have to specify ssh-add ~/.ssh/id_rsa, just ssh-add should work.

@nighliber 2015-07-20 17:10:07

I tried your solution in this same environment @Cupcake, it doesn't work. I don't get why this is the answer either, but unless I did it this way it never worked.

@Jahmic 2014-07-04 08:48:24

I had this problem, when I started ssh-agent, when it was already running. Gets confused. To see if this is the case, use

eval $(ssh-agent)

to see if this is the same as what you thought it should be. In my case, it was different than the one I just started.

To further verify if you have more than one ssh-agent running, you can review:

ps -ef | grep ssh

@user456814 2014-07-04 21:44:45

I think running eval $(ssh-agent) is supposed to create a new agent with a different PID every time, though I could be wrong.

@Vnge 2014-05-28 04:17:27

One thing I came across was that eval did not work for me using Cygwin, what worked for me was ssh-agent ssh-add id_rsa.

After that I came across an issue that my private key was too open, the solution I managed to find for that (from here):

chgrp Users id_rsa

as well as

chmod 600 id_rsa

finally I was able to use:

ssh-agent ssh-add id_rsa

@user456814 2014-06-05 14:58:04

Did you use eval `ssh-agent`, with the backticks ` around ssh-agent, as shown in my answer? That worked just fine for me in Cygwin. You seem to be right that ssh-agent ssh-add also works though, at least in the msysgit Bash. However, note that id_rsa is the default key that's used, so you don't need to specify it with ssh-agent ssh-add id_rsa.

@Vnge 2014-06-05 20:23:07

I believe I had used the backticks, but for me still no dice

@Chee Loong Soon 2015-08-17 04:47:01


@RobW 2012-04-09 17:43:54

MsysGit or Cygwin

If you're using Msysgit or Cygwin you can find a good tutorial at SSH-Agent in msysgit and cygwin and bash:

  1. Add a file called .bashrc to your home folder.

  2. Open the file and paste in:

    eval `ssh-agent -s`
  3. This assumes that your key is in the conventional ~/.ssh/id_rsa location. If it isn't, include a full path after the ssh-add command.

  4. Add to or create file ~/.ssh/config with the contents

    ForwardAgent yes

    In the original tutorial the ForwardAgent param is Yes, but it's a typo. Use all lowercase or you'll get errors.

  5. Restart Msysgit. It will ask you to enter your passphrase once, and that's it (until you end the session, or your ssh-agent is killed.)

Mac/OS X

If you don't want to start a new ssh-agent every time you open a terminal, check out Keychain. I'm on a Mac now, so I used the tutorial ssh-agent with zsh & keychain on Mac OS X to set it up, but I'm sure a Google search will have plenty of info for Windows.

Update: A better solution on Mac is to add your key to the Mac OS Keychain:

ssh-add -K ~/.ssh/id_rsa

Simple as that.

@Shog9 2014-07-24 19:02:22

@Kiril 2014-08-23 18:16:34

When I do eval `ssh-agent -s` the process does not stop when I exit cygwin.

@mix3d 2015-07-31 19:05:45

Is there a way to setup the config for Windows / gitbash so you dont have to do it every time?

@shredding 2015-08-13 07:46:48

It should be ps -u $(whoami) | grep ssh-agent &> /dev/null || eval $(ssh-agent) - otherwise a new ssh-agent is started everytime. Killed my machine every now and then when user had cronjobs.

@RobW 2015-08-19 15:25:33

@shredding, if that command is universal, feel free to edit my answer and add it in the appropriate place.

@Abdull 2015-12-01 09:12:41

~/.bashrc somehow wasn't evaluated in my Cygwin environment (maybe because of ). Instead I added the two statements from step 2 to ~/.profile, which works well.

@Seldom 'Where's Monica' Needy 2016-05-04 20:29:23

ForwardAgent yes isn't necessary and is a nontheoretical security risk if it's set for any untrusted server. Local access to your key-agent should function regardless of this setting.

@IgorGanapolsky 2016-08-12 17:57:31

Unknown option --K

@MichaelHuelsen 2017-07-11 13:09:03

The solution provided for MsysGit and Cygwin also works for the git bash emulation that is part of the git installation on Windows 7. The usage of eval is important.

@Pysis 2019-09-24 17:47:11

Didn't happen before, but this wasn't working this time, refused connection. Only had SSH_AUTH_SOCK. Started agent manually, transformed variables to work with fish, then it worked again =/.

@kris_IV 2020-07-21 17:48:02

After last MacOS update, you should use -k not a capital letter

@Robin Green 2010-11-03 11:53:19

ssh-add and ssh (assuming you are using the openssh implementations) require an environment variable to know how to talk to the ssh agent. If you started the agent in a different command prompt window to the one you're using now, or if you started it incorrectly, neither ssh-add nor ssh will see that environment variable set (because the environment variable is set locally to the command prompt it's set in).

You don't say which version of ssh you're using, but if you're using cygwin's, you can use this recipe from SSH Agent on Cygwin:

# Add to your Bash config file
if [ -z "$SSH_AUTH_SOCK" -a -x "$SSHAGENT" ]; then
    trap "kill $SSH_AGENT_PID" 0

This will start an agent automatically for each new command prompt window that you open (which is suboptimal if you open multiple command prompts in one session, but at least it should work).

@Shog9 2014-07-24 19:02:17

@Andy J 2014-12-09 06:11:24

I was linked here from another SO question. Can I ask why it's necessary to add this to the Bash config file? On my machine all I need to do is run eval $(ssh-agent) and I can use password-less ssh for every new terminal window.

@Robin Green 2014-12-09 08:00:23

That shouldn't be possible, unless you're launching new terminals from that terminal.

@Victor Alves 2014-02-20 13:34:35

I tried the other solutions to no avail. I made more research and found that the following command worked. I am using Windows 7 and Git Bash.

eval $(ssh-agent)

More information in:

@Andreas Rudolph 2014-03-17 07:35:09

Worked on Windows 8 too.

@user456814 2014-04-19 18:58:15

I'm also using Windows 7 and Git Bash, and my answer works just fine. It's cool that you can also do it this way too though.

@NitinM 2019-11-06 17:33:46

Great !! Worked with windows 10 also.

@code_flow 2019-12-23 06:10:36

Worked on Manjaro

@Andrew Anderson 2020-03-22 14:12:40

$ eval "$(ssh-agent -s)" worked for me on Windows 10

@nanosoft 2020-03-29 17:52:51

Worked for me too. Don't understand it though.

@Mikael Puusaari 2020-09-02 08:25:09

thank you, worked like a charm! depending on which console you are using, it might not know which socket to use to connect to the ssh agent service, eval seems to fix that for you by setting the environment variable for that console, at least how I understand it

@neoramos 2014-04-25 14:13:48

In my case, my Comodo firewall had sandboxed the ssh agent. Once I disabled sandboxing I was able to clone the repository.

FYI, I am using Comodo firewall on Windows 7.

Related Questions

Sponsored Content

27 Answered Questions

[SOLVED] ssh "permissions are too open" error

  • 2012-02-14 02:02:31
  • Yannick Schall
  • 1504730 View
  • 2184 Score
  • 27 Answer
  • Tags:   permissions ssh

15 Answered Questions

[SOLVED] Git says "Warning: Permanently added to the list of known hosts"

16 Answered Questions

[SOLVED] github: No supported authentication methods available

2 Answered Questions

1 Answered Questions

[SOLVED] ssh-add in docker - Could not open a connection to your authentication agent

14 Answered Questions

10 Answered Questions

[SOLVED] Cannot push to Heroku because key fingerprint

1 Answered Questions

Could not open a connection to your authentication agent. Mac OS

  • 2015-02-24 09:55:15
  • user2696466
  • 688 View
  • 0 Score
  • 1 Answer
  • Tags:   ssh ssh-keys

Sponsored Content