My Git CLI Windows setup

This was mostly an excuse to get better with PowerShell

For the sake of continuous learning — and so I could use a couple work-related applications that don’t work even with WINE — I decided to spend more time in Windows. Let’s see if I can comfortably use Git from PowerShell. I’ll use the OpenSSH for Windows server for key management, since it’s already available on my system.

Setting up Git

winget knows about several Git-related packages, so my installation command needs to be specific.

PS > winget install --exact Git.Git

The installation puts Git’s cmd folder onto $env:Path, but PowerShell won’t see that until I refresh the variable.

PS > $env:Path = [System.Environment]::GetEnvironmentVariable("Path","Machine") + ";" + [System.Environment]::GetEnvironmentVariable("Path","User")

And there it is!

PS > $env:path -split ";"
C:\Program Files\Git\cmd

I need to start a new session eventually, though. Can’t go around refreshing my path like that every time I open a new terminal. Though I suppose I could put this in PowerShell initialization.

Anyways, it looks like ssh-keygen is accessible via PowerShell.

PS > ssh-keygen -t rsa -b 4096 -C ""
Generating public/private rsa key pair.
Enter file in which to save the key (C:\Users\brian/.ssh/id_rsa):

I add an SSH key with the details from C:/Users/brian/.ssh/, and check out a repo.

PS > git clone ssh://
Cloning into 'random-geekery-blog'...

That was easy enough. There are a couple bits missing from my regular Git day, though.

Conveniences with posh-git

For starters, I enjoy a pretty shell prompt with version control details. Let’s install the beta release of posh-git.

PS > Install-Module posh-git -Scope CurrentUser -AllowPrerelease -Force
PS C:\Users\brian\Projects\random-geekery-blog> Import-Module posh-git
~\Projects\random-geekery-blog [trunk ≡]>

Lovely! I can customize it later.

Getting an SSH agent with posh-sshell

I dislike entering my ssh passphrase every time I interact with a version control server. Need to get some sort of ssh-agent working.

Looks like posh-sshell can help with that?

Install-Module posh-sshell -Scope CurrentUser

Of course, I should probably enable the ssh-agent service from an Admin PowerShell session:

Get-Service -Name ssh-agent | Set-Service -StartupType Manual

I don’t know why “Manual.” That’s what this StackOverflow answer said, and it seems to be working.

Over in my PowerShell init, I make sure the new modules are loaded, set some handy aliases for using my SSH keys, and start the SSH Agent.


Import-Module posh-git
Import-Module posh-sshell

Set-Alias ssh-agent "$env:WinDir\System32\OpenSSH\ssh-agent.exe"
Set-Alias ssh-add "$env:WinDir\System32\OpenSSH\ssh-add.exe"

Start-SshAgent -Quiet

Knowing me I’ll eventually generate this from my orgconfig.

After starting a new session, everything seems successful.

~\Projects> ssh-add
~\Projects> git clone
Cloning into 'dotfiles'...
The authenticity of host ' (' can't be established.
RSA key fingerprint is SHA256:nThbg6kXUpJWGl7E1IGOCspRomTxdCARLviKw6E5SY8.
Are you sure you want to continue connecting (yes/no)?
Warning: Permanently added ',' (RSA) to the list of known hosts.
warning: agent returned different signature type ssh-rsa (expected rsa-sha2-512)
remote: Enumerating objects: 405, done.
remote: Counting objects: 100% (405/405), done.
remote: Compressing objects: 100% (228/228), done.
remote: Total 1083 (delta 272), reused 299 (delta 172), pack-reused 678 receiving objects:  92% (997/1083)
Receiving objects: 100% (1083/1083), 743.31 KiB | 1.83 MiB/s, done.
Resolving deltas: 100% (571/571), done.

Did you see this bit?

Warning: Permanently added ',' (RSA) to the list of known hosts.
warning: agent returned different signature type ssh-rsa (expected rsa-sha2-512)

That warning is a known issue with OpenSSH on Windows, and should go away in the next month or two. The bad news: until it’s fixed, different repository servers handle the mismatch differently. What I noticed while working through the process that became this post:

  • Github issued the warning but let me continue
  • A server running Gitea issued the warning and would not let me continue

This is significant enough to highlight:


If you’re using the Windows OpenSSH server before the 2020 Fall Update, you may want to skip the ssh-agent bits.

But other than that, things are working pretty good. Learning is fun!