Hi,
newer versions of the PuTTY-CAC agent can act as ssh agent for Windows WSL 1 ssh clients.
Putty can open UNIX sockets which the wsl ssh client can use.
This can be done by starting the putty agent with the parameter –unix
1 | D:\> D:\PuTTY-CAC\pageant.exe pageant --unix C:\Users\michael\.ssh\agent.sock |
In your WSL environment set the variable SSH_AUTH_SOCK
1 | SSH_AUTH_SOCK=/mnt/c/Users/michael/.ssh/agent.sock |
or add an include to your /mnt/c/Users/michael/.ssh/config
1 | IdentityAgent /mnt/c/Users/michael/.ssh/agent.sock |
1 2 3 4 5 6 7 8 9 10 11 12 | michael@wsl ~ # ssh root@10.10.10.220 ____ _ _ _ _ ____| _ \ ___ ___| | ___ __ (_) | || | | __ )| |_) / _ \ / __| |/ / '_ \| | | || |_| _ \| _ < (_) | (__| <| |_) | | |__ _| |_) ||_| \_\___/ \___|_|\_\ .__/|_| |_| |____/ |_|Welcome to Armbian 20.11 Bionic with Linux 5.9.11-rockchip64System load: 49% Up time: 88 days 4:10Memory usage: 10% of 3.71G Zram usage: 12% of 1.85G IP: 10.10.10.220CPU temp: 39°C Usage of /: 42% of 29G |
For WSL 2 this wouldn’t work because each WSL 2 instance has its own kernel could not reach the PuTTY agent socket /mnt/c/Users/michael/.ssh/agent.sock
A helper/mapper is needed. This can be done by my .NET Application PageantRelayNamedPipe or the .NET Core Application PageantRelaySocket.
Download the one of the last release
, keep in mind PageantRelaySocket requires the installation .NET core. and extract it to C:\Users\michael\.ssh\
Then prepare your Environment. Create a folder .ssh in your Userprofile folder.
1 | D:\> mkdir %USERPROFILE%\.ssh |
Configure your PuTTY Auth Agents command line parameter. When you use PageantRelayNamedPipe then add –openssh-config
1 | D:\PuTTY-CAC\pageant.exe --openssh-config C:\Users\michael\.ssh\pageant.conf |
If you want to use PageantRelaySocket then add –unix
1 | D:\PuTTY-CAC\pageant.exe --unix C:\Users\michael\.ssh\agent.sock |
Note: For a simple configuration pageant.conf and agent.sock are hardcoded in PageantRelayNamedPipe and PageantRelaySocket .
Then prepare your WSL 2 instance.
Enter instance
1 | PS D:\> wsl -d Debian |
Install requiered packages
1 | michael@debdev-wsl:/mnt/c/Users/Michael$ sudo apt install socat iproute2 |
Start the PuTTY agent forwarding (NamedPipe Version)
1 2 3 4 | michael@debdev-wsl:/mnt/c/Users/Michael$ export SSH_AUTH_SOCK="/home/michael/.ssh/agent.sock"michael@debdev-wsl:/mnt/c/Users/Michael$ rm $SSH_AUTH_SOCKmichael@debdev-wsl:/mnt/c/Users/Michael$ setsid nohup socat UNIX-LISTEN:"$SSH_AUTH_SOCK,fork" EXEC:"/mnt/c/users/michael/.ssh/PageantRelayNamedPipe.exe" &nohup: ignoring input and appending output to 'nohup.out' |
Start the PuTTY agent forwarding (Socket Version)
1 2 3 4 | michael@debdev-wsl:/mnt/c/Users/Michael$ export SSH_AUTH_SOCK="/home/michael/.ssh/agent.sock"michael@debdev-wsl:/mnt/c/Users/Michael$ rm $SSH_AUTH_SOCKmichael@debdev-wsl:/mnt/c/Users/Michael$ setsid nohup socat UNIX-LISTEN:"$SSH_AUTH_SOCK,fork" EXEC:"/mnt/c/users/michael/.ssh/PageantRelaySocket.exe" &nohup: ignoring input and appending output to 'nohup.out' |
Then not try to connect
1 2 3 4 5 6 7 8 9 10 11 12 | michael@debdev-wsl ~ # ssh root@10.10.10.220 ____ _ _ _ _ ____| _ \ ___ ___| | ___ __ (_) | || | | __ )| |_) / _ \ / __| |/ / '_ \| | | || |_| _ \| _ < (_) | (__| <| |_) | | |__ _| |_) ||_| \_\___/ \___|_|\_\ .__/|_| |_| |____/ |_|Welcome to Armbian 20.11 Bionic with Linux 5.9.11-rockchip64System load: 2% Up time: 88 days 4:10Memory usage: 10% of 3.71G Zram usage: 23% of 1.85G IP: 10.10.10.220CPU temp: 45°C Usage of /: 55% of 29G |
Troubleshooting WSL2: If forwarding won’t work.
Start socat in foreground. In most cases this gives some hints whats going wrong: Omit leading “setsid nohup” and trailing “&”:
1 | michael@debdev ~ # socat UNIX-LISTEN:"$SSH_AUTH_SOCK,fork" EXEC:"/mnt/c/users/michael/.ssh/PageantRelaySocket.exe" |
Michael