Sharing SSH keys between Windows and the WSL
I recently wrote up an article for that covers how I setup my personal development environment to use the new WSL 2. One of the things that I cover in that article is how to get SSH setup in the WSL with Github. I mention in that section that you can share SSH keys between Windows and the WSL, but I never showed exactly how to do it. There’s a good reason for that.
I couldn’t figure it out.
An SSH key is specific to a machine. Your machine. The problem is that the Linux distro you install in the WSL see’s itself as it’s own operating system, and it wants it’s own set of SSH keys.
To get around this, I suggest setting up the SSH keys on the WSL side only, and not doing it on the Windows side. This is all well and good as long as you aren’t doing any development or work on the Windows side that you might need SSH keys for. What if you do? What then? Do you have to set everything up on the Windows side too?
No - you don’t. In this article, I'll show you how to share one set of SSH keys between Windows and the WSL so you can identify it as what it is - one machine.
Setup SSH on Windows first
My recommendation is that you setup SSH on the Windows side first. Follow the instructions over on to do this. It will walk you through generating the key, starting the agent and then adding your key to Github.
Copy keys to WSL
To use this same set of keys in the WSL, you first need to copy them over. The keys are almost always located at c:\Users\<username>\.ssh. That’s a folder. You will need to copy that entire folder from Windows, to the WSL.
Open a terminal instance attached to the WSL. Might I recommend the free ? You’ll love it. I promise. If you’re not 100% satisfied, you can get your money back - no questions asked.
Execute the following command to copy the keys from Windows to the WSL.
cp -r /mnt/c/Users/<username>/.ssh ~/.ssh
- Note that if you installed Github desktop, you do not need to setup SSH keys on the Windows side, and the .ssh folder will not be present. Make sure you follow the Github instructions above to generate the SSH keys on Windows.
If you were to try and push something to Github from the WSL, it will warn you that it doesn’t recognize the remote host and it will ask you if you want to connect. Type “yes”. Then you will get an error that looks something like this…
Like nearly everything that goes wrong on Linux, this is a permissions issue. You need to adjust the permissions on the key file to get this working. To do that, run the following command from the WSL.
chmod 600 ~/.ssh/id_rsa
What this does is set Read/Write access for the owner, and no access for anyone else. That means that nobody but you can see this key. The way god intended.
Now try and push to Github…
Now, you will be asked to enter your passphrase every single time you try and push to Github. That’s going to get old in a hurry. This is because the ssh agent isn’t running on the Linux side. To get the agent running when the WSL starts, first install .
sudo apt install keychain
Then add the following line to your ~/.bashrc file….
eval `keychain --eval --agents ssh id_rsa`
Each time you reboot, you’ll have to enter your passphrase. But you only have to do it one time until you reboot or terminate the WSL.
- There are other ways to auto-start the ssh-agent in the WSL. There are instructions in that show how to do with with Zsh.
Sharing is caring
While you can setup SSH keys on both the Linux and the Windows side, it feels a bit redundant. It also feels a bit like I’m not utilizing the full potential of the WSL, which is that it lets me move between the two operating systems as if they were one. Sharing the same set of keys feels a bit more like I’m on one system instead of two.