Skip to content

Commit 83088f9

Browse files
mamemame
committed
Update README.md
1 parent 71d380e commit 83088f9

File tree

1 file changed

+83
-8
lines changed

1 file changed

+83
-8
lines changed

README.md

Lines changed: 83 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -4,25 +4,100 @@ This tool allows from WSL2 to use the ssh-agent service on Windows host.
44

55
## How to use
66

7-
### 1. Install wsl2-ssh-agent on WSL2
7+
### 1. Install wsl2-ssh-agent
8+
9+
Put `wsl2-ssh-agent` command in your favorite directory in WSL2, for example, `$HOME/`.
810

911
```
10-
go install https://github.com/mame/wsl2-ssh-agent@latest
12+
curl -O https://github.com/mame/wsl2-ssh-agent/releases/latest/download/wsl2-ssh-agent
13+
chmod 755 wsl2-ssh-agent
1114
```
1215

13-
And you will see `$HOME/go/bin/wsl2-ssh-agent`.
14-
15-
### 2. Modify .bashrc
16+
### 2. Modify `.bashrc`
1617

17-
Just add the following line to .bashrc.
18+
Add the following line to `.bashrc`.
1819

1920
```
20-
eval $($HOME/go/bin/wsl2-ssh-agent)
21+
eval $($HOME/wsl2-ssh-agent)
2122
```
2223

2324
Close and reopen the terminal and execute `ssh your-machine`.
2425
The command should communicate with ssh-agent.exe service.
2526

2627
## Troubleshooting
2728

28-
*TBD*
29+
### Make sure that ssh-agent.exe is working properly
30+
31+
* Open the "Services" app and check that "OpenSSH Authentication Agent" service is installed and running.
32+
* Check that `ssh your-machine` works perfect on cmd.exe or PowerShell, not on WSL2.
33+
34+
### Check the log of ssh
35+
36+
* You may want to run `ssh -v your-machine` and read the log. If everything is good, you should see the following log.
37+
38+
```
39+
debug1: get_agent_identities: bound agent to hostkey
40+
debug1: get_agent_identities: agent returned XXX keys
41+
```
42+
43+
### Check the log of wsl2-ssh-agent
44+
45+
* Run `wsl2-ssh-agent` in verbose and foreground mode and read the log. This is an example output.
46+
47+
```
48+
# Stop the existing server if any
49+
$ $HOME/wsl2-ssh-agent -stop
50+
51+
# Run in foreground mode
52+
$ $HOME/wsl2-ssh-agent --verbose --foreground
53+
[L] 2023/02/10 20:30:00 check the version of ssh.exe
54+
[L] 2023/02/10 20:30:01 the version of ssh.exe: "OpenSSH_for_Windows_8.6p1, LibreSSL 3.4.3"
55+
[L] 2023/02/10 20:30:01 ssh-agent.exe seems to be old; ignore OpenSSH extension messages
56+
[L] 2023/02/10 20:30:01 start listening on /home/mame/.ssh/wsl2-ssh-agent.sock
57+
[L] 2023/02/10 20:30:01 invoking [W] in PowerShell.exe
58+
[W] 2023/02/10 21:51:09 ready: PSVersion 5.1.22621.963
59+
[L] 2023/02/10 20:30:02 [W] invoked successfully
60+
[L] 2023/02/10 20:30:05 ssh: connected
61+
[L] 2023/02/10 20:30:05 ssh -> [L] (XXX B)
62+
[L] 2023/02/10 20:30:05 ssh <- [L] (5 B) <dummy for OpenSSH ext.>
63+
[L] 2023/02/10 20:30:05 ssh -> [L] (5 B)
64+
[L] 2023/02/10 20:30:05 [L] -> [W] (5 B)
65+
[W] 2023/02/10 21:51:12 [L] -> [W] -> ssh-agent.exe (5 B)
66+
[W] 2023/02/10 21:51:12 [L] <- [W] <- ssh-agent.exe (XXX B)
67+
[L] 2023/02/10 20:30:05 [L] <- [W] (XXX B)
68+
[L] 2023/02/10 20:30:05 ssh <- [L] (XXX B)
69+
[L] 2023/02/10 20:30:05 ssh -> [L] (XXX B)
70+
[L] 2023/02/10 20:30:05 [L] -> [W] (XXX B)
71+
[W] 2023/02/10 21:51:12 [L] -> [W] -> ssh-agent.exe (XXX B)
72+
[W] 2023/02/10 21:51:12 [L] <- [W] <- ssh-agent.exe (XXX B)
73+
[L] 2023/02/10 20:30:05 [L] <- [W] (XXX B)
74+
[L] 2023/02/10 20:30:05 ssh <- [L] (XXX B)
75+
[L] 2023/02/10 20:30:05 ssh: closed
76+
```
77+
78+
## How wsl2-ssh-agent works
79+
80+
Linux ssh client connects to ssh-agent via a UNIX domain socket, while ssh-agent.exe service on Windows is listening on a named pipe. This command connects those two in the following mechanism.
81+
82+
```mermaid
83+
graph TB
84+
subgraph WSL2
85+
A(ssh) <-->|UNIX domain socket| B("wsl2-ssh-agent")
86+
end
87+
subgraph Windows
88+
B <-->|stdin/stdout| C("PowerShell.exe")
89+
C <-->|named pipe| D(ssh-agent.exe)
90+
end
91+
```
92+
93+
* wsl2-ssh-agent listens on a UNIX domain socket (by default, $HOME/.ssh/wsl2-ssh-agent.sock).
94+
* wsl2-ssh-agent invokes PowerShell.exe as a child process, which can communicate with ssh-agent.exe service via a named pipe.
95+
* wsl2-ssh-agent and PowerShell.exe communicates via stdin/stdout thanks to WSL2 interop.
96+
97+
## Note
98+
99+
Usually, ssh and ssh-agent should be the same version. However, OpenSSH on Ubuntu 22.04 is 8.9, while Windows bundles OpenSSH 8.6 (on my machine, as of this writing).
100+
101+
[OpenSSH has extended the ssh-agent protocol since 8.9](https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.agent). However, ssh-agent.exe does not understand the extended message and will not communicate properly. ([Japanese article](https://zenn.dev/qnighy/articles/8b992970b86653))
102+
103+
To address this issue, wsl2-ssh-agent does not pass the extended message to ssh-agent.exe. Instead, it swallows the message and reply a dummy SSH_AGENT_SUCCESS message to ssh client. Note that this may reduce the security strength. Please use this tool at your own risk.

0 commit comments

Comments
 (0)