diff --git a/agents/git-credentials/pom.xml b/agents/git-credentials/pom.xml
new file mode 100644
index 00000000000..ff29f3e928a
--- /dev/null
+++ b/agents/git-credentials/pom.xml
@@ -0,0 +1,33 @@
+
+
+
+ 4.0.0
+
+ che-agents-parent
+ org.eclipse.che
+ 5.13.0-SNAPSHOT
+
+ git-credentials-agent
+ Git Credentials Agent
+
+
+ com.google.inject
+ guice
+
+
+ org.eclipse.che.core
+ che-core-api-agent-shared
+
+
+
diff --git a/agents/git-credentials/src/main/java/org/eclipse/che/api/agent/GitCredentialsAgent.java b/agents/git-credentials/src/main/java/org/eclipse/che/api/agent/GitCredentialsAgent.java
new file mode 100644
index 00000000000..8cdc4d6b9ec
--- /dev/null
+++ b/agents/git-credentials/src/main/java/org/eclipse/che/api/agent/GitCredentialsAgent.java
@@ -0,0 +1,39 @@
+/*******************************************************************************
+ * Copyright (c) 2012-2017 Codenvy, S.A.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ * Codenvy, S.A. - initial API and implementation
+ *******************************************************************************/
+package org.eclipse.che.api.agent;
+
+import com.google.inject.Inject;
+import com.google.inject.Singleton;
+
+import org.eclipse.che.api.agent.shared.model.Agent;
+import org.eclipse.che.api.agent.shared.model.impl.BasicAgent;
+
+import java.io.IOException;
+
+/**
+ * Git credentials agent.
+ * Creates sh script that retrieves SSH keys from user preferences for console Git SSH operations.
+ * Injects Git username and email from user preferences to console Git preferences.
+ *
+ * @see Agent
+ *
+ * @author Igor Vinokur
+ */
+@Singleton
+public class GitCredentialsAgent extends BasicAgent {
+ private static final String AGENT_DESCRIPTOR = "org.eclipse.che.git.json";
+ private static final String AGENT_SCRIPT = "org.eclipse.che.git.script.sh";
+
+ @Inject
+ public GitCredentialsAgent() throws IOException {
+ super(AGENT_DESCRIPTOR, AGENT_SCRIPT);
+ }
+}
diff --git a/agents/git-credentials/src/main/resources/org.eclipse.che.git.json b/agents/git-credentials/src/main/resources/org.eclipse.che.git.json
new file mode 100644
index 00000000000..2a6b5869eaf
--- /dev/null
+++ b/agents/git-credentials/src/main/resources/org.eclipse.che.git.json
@@ -0,0 +1,5 @@
+{
+ "id": "org.eclipse.che.git-credentials",
+ "name": "Git-Credentials-Agent",
+ "description": "Agent fetches SSH keys, Git username and email from CHE user preferences, and injects to console Git"
+}
diff --git a/agents/git-credentials/src/main/resources/org.eclipse.che.git.script.sh b/agents/git-credentials/src/main/resources/org.eclipse.che.git.script.sh
new file mode 100644
index 00000000000..36e13089bb6
--- /dev/null
+++ b/agents/git-credentials/src/main/resources/org.eclipse.che.git.script.sh
@@ -0,0 +1,58 @@
+#
+# Copyright (c) 2012-2017 Codenvy, S.A.
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Eclipse Public License v1.0
+# which accompanies this distribution, and is available at
+# http://www.eclipse.org/legal/epl-v10.html
+#
+# Contributors:
+# Codenvy, S.A. - initial API and implementation
+#
+
+SCRIPT_FILE=~/.ssh/git.sh
+
+token=$(if [ "$USER_TOKEN" != "dummy_token" ]; then echo "$USER_TOKEN"; fi)
+che_host=$(cat /etc/hosts | grep che-host | awk '{print $1;}')
+api_url=$(if [ "$CHE_API" != "http://che-host:8080/wsmaster/api" ]; then echo "$CHE_API"; else echo "$che_host:8080/api"; fi)
+
+CURL_INSTALLED=false
+WGET_INSTALLED=false
+command -v curl >/dev/null 2>&1 && CURL_INSTALLED=true
+command -v wget >/dev/null 2>&1 && WGET_INSTALLED=true
+
+# no curl, no wget, install curl
+if [ ${CURL_INSTALLED} = false ] && [ ${WGET_INSTALLED} = false ]; then
+ PACKAGES=${PACKAGES}" curl";
+ CURL_INSTALLED=true
+fi
+
+request=$(if ${CURL_INSTALLED}; then echo 'curl -s'; else echo 'wget -qO-'; fi)
+
+echo 'host=$(echo $(if [ "$1" = "-p" ]; then echo "$3" ; else echo "$1"; fi) | sed -e "s/git@//")' > ${SCRIPT_FILE}
+echo 'token='"$token" >> ${SCRIPT_FILE}
+echo 'api_url='"$api_url" >> ${SCRIPT_FILE}
+echo 'request="'${request}'"' >> ${SCRIPT_FILE}
+# Ssh key request may return key with decoded '=' symbol, so need to replace '\u003d' to '='.
+# TODO remove the replacement after https://github.com/eclipse/che/issues/5253 will be fixed.
+echo 'ssh_key=$(${request} "$api_url/ssh/vcs/find?name=$host$(if [ -n "$token" ]; then echo "&token=$token"; fi)"| grep -Po '\''"privateKey":.*?[^\\\\]",'\''| sed -e "s/\"privateKey\":\"//" | sed -e "s/\\\\\u003d/=/g")' >> ${SCRIPT_FILE}
+echo 'if [ -n "$ssh_key" ]' >> ${SCRIPT_FILE}
+echo 'then' >> ${SCRIPT_FILE}
+echo ' key_file=$(mktemp)' >> ${SCRIPT_FILE}
+echo ' echo "$ssh_key" > "$key_file"' >> ${SCRIPT_FILE}
+echo ' ssh -i "$key_file" "$@"' >> ${SCRIPT_FILE}
+echo ' rm "$key_file"' >> ${SCRIPT_FILE}
+echo 'else' >> ${SCRIPT_FILE}
+echo ' ssh "$@"' >> ${SCRIPT_FILE}
+echo 'fi' >> ${SCRIPT_FILE}
+
+chmod +x ${SCRIPT_FILE}
+
+user_name="$(${request} "$api_url/preferences$(if [ -n "$token" ]; then echo "?token=$token"; fi)" | grep -Po '"git.committer.name":.*?[^\\]",' | sed -e "s/\"git.committer.name\":\"//" | sed -e "s/\",//")"
+user_email="$(${request} "$api_url/preferences$(if [ -n "$token" ]; then echo "?token=$token"; fi)" | grep -Po '"git.committer.email":.*?[^\\]",' | sed -e "s/\"git.committer.email\":\"//" | sed -e "s/\",//")"
+git config --global user.name \""$user_name"\"
+git config --global user.email \""$user_email"\"
+
+if [ -z "$(cat ~/.bashrc | grep GIT_SSH)" ]
+then
+ printf '\n export GIT_SSH='"$SCRIPT_FILE" >> ~/.bashrc
+fi
diff --git a/agents/pom.xml b/agents/pom.xml
index 66f05fa4754..895a487b79c 100644
--- a/agents/pom.xml
+++ b/agents/pom.xml
@@ -32,6 +32,7 @@
che-core-api-agent-shared
che-core-api-agent
ls-json
+ git-credentials
ls-php
ls-python
ls-typescript
diff --git a/assembly/assembly-wsmaster-war/pom.xml b/assembly/assembly-wsmaster-war/pom.xml
index 51ba210e56c..502813b0793 100644
--- a/assembly/assembly-wsmaster-war/pom.xml
+++ b/assembly/assembly-wsmaster-war/pom.xml
@@ -66,6 +66,10 @@
org.eclipse.che
exec-agent
+
+ org.eclipse.che
+ git-credentials-agent
+
org.eclipse.che
ls-csharp-agent
diff --git a/assembly/assembly-wsmaster-war/src/main/java/org/eclipse/che/api/deploy/WsMasterModule.java b/assembly/assembly-wsmaster-war/src/main/java/org/eclipse/che/api/deploy/WsMasterModule.java
index 3892df8a53a..3864ea8adc4 100644
--- a/assembly/assembly-wsmaster-war/src/main/java/org/eclipse/che/api/deploy/WsMasterModule.java
+++ b/assembly/assembly-wsmaster-war/src/main/java/org/eclipse/che/api/deploy/WsMasterModule.java
@@ -14,6 +14,7 @@
import com.google.inject.multibindings.Multibinder;
import com.google.inject.name.Names;
+import org.eclipse.che.api.agent.GitCredentialsAgent;
import org.eclipse.che.api.agent.LSCSharpAgent;
import org.eclipse.che.api.agent.LSJsonAgent;
import org.eclipse.che.api.agent.LSPhpAgent;
@@ -150,6 +151,7 @@ protected void configure() {
agents.addBinding().to(LSJsonAgent.class);
agents.addBinding().to(LSCSharpAgent.class);
agents.addBinding().to(LSTypeScriptAgent.class);
+ agents.addBinding().to(GitCredentialsAgent.class);
Multibinder launchers = Multibinder.newSetBinder(binder(), AgentLauncher.class);
launchers.addBinding().to(WsAgentLauncher.class);
diff --git a/pom.xml b/pom.xml
index 64736b09bde..1039c82d21b 100644
--- a/pom.xml
+++ b/pom.xml
@@ -117,6 +117,11 @@
tar.gz
linux_amd64
+
+ org.eclipse.che
+ git-credentials-agent
+ ${che.version}
+
org.eclipse.che
ls-csharp-agent