Automating Git/SSH Setup on Windows

Grad school is taking up all my free brain cells at the moment, but I wanted to put this out there before I forget it.

Every once in a while I need to automate a Windows deployment that will reach out to a remote Git repository and start syncing files. This is common in the Linux world, but there aren’t too many concrete examples online of all the necessary steps for Windows, probably because a lot of folks in Windows-land still aren’t automating this kind of task end to end. Here’s what I did in PowerShell on Windows Server 2012 R2. Hope it saves somebody out there some time.

1. Install Chocolatey
Chocolatey is the package manager I used to install the Git tools.

iex ((new-object net.webclient).DownloadString(''))

2. Install Git tools
If you’re testing these steps manually, you may see a warning about restarting your shell to use Chocolatey, but I didn’t need to do this. I just ran the next command to silently install Git for Windows and the associated Unix tools (including git bash):

choco install git.install -y -params "/GitAndUnixToolsOnPath"

3. Reload your path from machine context
In a manual setting, this is where you would restart your shell so the Git tools show up on your path. That’s inconvenient in an automation script, so you can just force a refresh of the path in your current context (H/T):

$env:Path = [System.Environment]::GetEnvironmentVariable("Path","Machine")

4. Set up SSH connectivity
If you’ll be authenticating to your Git repo with a username and password, you can stop here. But in an automated setting, you’ll likely want to use an SSH key.

First, consider where to place your .ssh directory. If you were installing SSH for personal use, you’d put it in your own C:\Users folder, but that may not make sense if you’re setting up automation that runs under some service account. Ultimately, Git on Windows looks in the $env:HOME variable for the .ssh directory, so you may want to modify that variable globally with some path of your choosing:

$homedir = "C:\your\chosen\folder"
setx HOME $homedir /m

Now you can make an .ssh directory in that folder and generate a public and private SSH key:

mkdir $homedir\.ssh
ssh-keygen -t rsa -f $homedir\.ssh\id_rsa -N "''"

In my case, I already had a private key set up with access to my repo, so instead of generating a new id_rsa file with ssh-keygen, I just copied mine down from an AWS S3 bucket to $homedir\.ssh\id_rsa. If you copy an existing private key into your .ssh folder, you’ll then need to create a public key for your private key like this:

ssh-keygen -f $homedir\.ssh\id_rsa -y > $homedir\.ssh\

5. Set up an SSH config file
The first time you try to connect to your remote repository, you’ll get a prompt asking you to confirm adding the remote host to your known_hosts file. To skip that, you can add an exception to your ssh config file as follows:

"Host yourhost
StrictHostKeyChecking no" | set-content $homedir\.ssh\config

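There are security implications to doing this: with host key checking turned off, ssh connects without confirming the remote host's key, so it can no longer tell your real Git server from an impostor. Make sure you understand the ramifications before editing the config file.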
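
A way to skip the prompt without turning host key checking off, as an added example that is not part of the original post: pin the host's public key in known_hosts and keep strict checking on. The names $gitHost, $pinnedKey and $knownHosts are introduced here, and the key line is a placeholder that must be replaced with a key you have verified out of band.

```powershell
# Added example: pin the Git host's SSH key instead of turning host key checking off.
# Assumed names (not from the original post): $gitHost, $pinnedKey, $knownHosts.
$homedir    = "C:\your\chosen\folder"
$sshDir     = Join-Path $homedir ".ssh"
$knownHosts = Join-Path $sshDir "known_hosts"
$gitHost    = "yourhost"

# Placeholder: paste the host's public key line here after checking it against a
# fingerprint obtained out of band (for example one published by the repo host).
$pinnedKey  = "$gitHost ssh-ed25519 <VERIFIED-PUBLIC-KEY-PLACEHOLDER>"

if ($pinnedKey -match '<.*PLACEHOLDER>') {
    throw "Replace the placeholder with a verified host key before running."
}

# setx only affects processes started later; set HOME for this session too so
# ssh and git resolve ~/.ssh to the same folder right away.
$env:HOME = $homedir

New-Item -ItemType Directory -Path $sshDir -Force | Out-Null

# Write plain ASCII so ssh can parse the files. This overwrites any existing
# known_hosts, which is fine on a freshly provisioned machine.
Set-Content -Path $knownHosts -Value $pinnedKey -Encoding Ascii

# With 'yes', ssh never prompts and refuses any host whose key is missing from
# known_hosts or differs from the pinned one.
$config = @"
Host $gitHost
    StrictHostKeyChecking yes
"@
Set-Content -Path (Join-Path $sshDir "config") -Value $config -Encoding Ascii

# Confirm the entry is readable and print its fingerprint for the deployment log.
# ssh-keygen -F exits non-zero when no key for the host is found.
& ssh-keygen -l -F $gitHost -f $knownHosts
if ($LASTEXITCODE -ne 0) {
    throw "No usable host key for $gitHost in $knownHosts"
}
```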

6. Run git commands!
Now you can clone, pull, fetch and do other cool git stuff in your automation.
