Tower Help & Support

Using and Managing SSH Keys

Authentication with remote services is often accomplished with SSH Keys. While being a very secure and professional method, it can be a bit tedious to set up and manage. Tower makes this easier by allowing you to manage SSH keys for your accounts right from within the app.

Using Tower to Load SSH Keys

With a service account selected in the sidebar, activate the Account tab on the right to get an overview of this account's authentication settings.

In the Git Connection Settings, Tower can be instructed to load and use a dedicated SSH key. For this, you need to provide the path to an existing private SSH key and the password for it. Tower will always only send the corresponding Public key to the service.

Using an External Key Manager or SSH Agent

In Tower's preferences, you can enable Use local SSH settings on the General tab. This instructs Tower to pass system and user level environment variables to Git. You can validate this by opening Terminal from Tower.

Managing Keys with PuTTY/Plink

After pointing the environment variable GIT_SSH to a valid plink.exe, Git will receive the registered keys from Plink, the key manager in the PuTTY bundle.

Please note that you cannot use PuTTY "PPK" files as SSH keys for your Tower service accounts. Tower uses ssh-agent to authenticate, and this only uses and understands SSH keys. You will need to convert your PuTTY keys to SSH keys and also make sure that PuTTY is not running in the background, overtaking the SSH authentication.

Managing Keys with an Existing SSH Agent

Should you choose to run your own SSH agent, please make sure the environment variable SSH_AGENT_PID points to a valid Process ID and the variable SSH_AUTH_SOCK names the corresponding socket.
If you'd like to use PowerShell to run an SSH agent, this article should get you started.

Managing SSH Public Keys

With a service account selected in the sidebar, activate the Public Keys tab on the right to get an overview of this account's keys.

Adding a Public Key

To add a public key to a service account, you need to click Create Public Key on the top of the list of existing keys.

In the following dialog, it's crucial that you (a) only enter the public part of your key and (b) enter it exactly as it's contained in the .pub file.

Deleting a Public Key

To delete a public key from your service account, simply click the Delete button on the right of the entry in Tower. Your local key files will of course not be deleted hereby; this affects only the saved key in your service account.

Editing a Public Key

Tower does not support changing or editing a public key item - because it's extremely fast & easy to simply delete and recreate a public key through Tower's interface.

More information about SSH Public Keys
You can find detailed instructions on how to create and handle public keys in general on our learning platform