=== Accessing ssh controlled repositories from a Windows Client === {{{#!wiki important Original `plink.exe` will lock if private keys are password protected. It expects the password to be entered at stdin, but stdin is redirected. For a workaround, load your keys into Pageant utility (`pageant.exe` from [[http://www.chiark.greenend.org.uk/~sgtatham/putty/download|PuTTY]]) or get `TortoisePlink.exe` from TortoiseHg distribution. }}} 1. Grab {{{putty.exe}}} and {{{plink.exe}}} from [[http://www.chiark.greenend.org.uk/~sgtatham/putty/|PuTTY]] website. 2. Connect to remote ssh host over ssh using PuTTY once and have PuTTY save its key as a known host. 3. Add the following to the {{{[ui]}}} section of your {{{~/Mercurial.ini}}} file {{{ ssh="C:\path to\plink.exe" -ssh -i "C:\your path to\private.key" }}} 4. Profit!!! ''Plink.exe also has a -batch argument which tells plink to run non-interactively. Any activity that would normally require user interaction (a new host key, for instance) will cause plink to exit immediately rather than stall. When an ssh operation fails, you can use the --debug argument to figure out what went wrong.'' -- Steve Borho ''I'm using a non-standard SSH port number. I found that plink.exe will first use the hostname to look up a saved PuTTY session of that same name, and get the correct port number from there. But if I give plink.exe the -ssh parameter, the saved PuTTY session is not used and therefore it doesn't use the correct port number. The -ssh parameter is unnecessary anyway, because SSH is the default protocol. I also found the -i parameter to be unnecessary when using pageant; if I have loaded my key in pageant, plink finds it.'' -- David Handy {{{#!wiki comment ''This didn't work for me with the latest windows version, maybe because I'm using key authentication with a passphrase. I got cygwin ssh to work though. Follow the instructions for this on [[WindowsInstall#Using_the_SSH_protocol]].'' -- krupan <> }}} {{{#!wiki comment ''I got this to work with my passphrase-locked ssh keys by following the directions below, but the Mercurial.ini syntax above seemed to be very sensitive. It didn't work when I put quotes around /path/to/plink. That took a while to figure out :-('' -- krupan ''Also observed the effect above: no attempts to quote plink path worked - very ugly errors, like `remote: Incorrect file name, directory name, or volume label. abort: no suitable response from remote hg!` and unquoted path like `C:\Program Files\Putty\plink.exe` resulted in attempts to run `C:\Program`. I ended up creating `C:\Bin` and copying plink.exe there. Interesting that path to key could be quoted.'' -- Marcin.Kasperski }}} To get your passphrase-locked SSH keys to work properly under PuTTY, you'll need to go through the following steps. 1. Download {{{putty.exe}}}, {{{puttygen.exe}}}, {{{pageant.exe}}}, and {{{plink.exe}}} from the [[http://www.chiark.greenend.org.uk/~sgtatham/putty/|PuTTY website]]. You may want {{{pscp.exe}}} as well if you plan to do SCP, but it's not necessary for running Mercurial. 2. Copy your SSH private key onto your Windows machine. 3. PuTTY uses its own private format for SSH private keys, so you'll need to convert your private key. Run {{{puttygen.exe}}} and choose {{{Import key}}} from the {{{Conversions}}} menu. 4. Import your private key; enter its passphrase when prompted. 5. Change the key comment to something meaningful. 6. Click the {{{Save private key}}} button and save the .PPK file somewhere. 7. Run {{{pageant.exe}}}. The pageant icon (a computer wearing a hat) will show up in the status tray. 8. Right-click the pageant icon and choose {{{Add Key}}}. 9. Choose the .PPK file you saved earlier and type in its passphrase. 10. Follow steps 2 & 3 above: connect to the remote host, save its key, and edit your {{{Mercurial.ini}}} file. 11. Enjoy your newly-secure SSH authentication on Windows! -- RobinMunn Note that {{{pageant.exe}}} caches your unlocked key in memory, which could conceivably make its way into your swap file. Be aware of the security implications of that fact. (For example, if your computer is ever stolen, it would be wise to consider that SSH key compromised and change it as soon as possible). ---- CategoryHowTo CategoryWindows