Create new SSH keys w/ new server, or use existing key? - github

In the myhome/.ssh/ directory are local SSH keys for my personal GitHub account, the directory has the id_rsa and id_rsa.pub files that allow me to authenticate with GitHub.
I am setting up a server (compute engine on GCP), and this server needs these keys because it needs to authenticate to my GitHub to pull a repo. Should I either:
1. transfer over / SCP the currently existing id_rsa and id_rsa.pub that I have locally onto the server, and use those on the server.
2. create a brand new SSH key on the server, and use this key. Add it to my GitHub profile.
3. it doesn't matter, either (1) or (2) is fine.
4. or something else?
(2) seems like the right approach, but we are not certain.

Indeed option 2. As a best practice, you should not share the same private key.
Go ahead and generate a new SSH key following the docs: https://docs.github.com/en/github/authenticating-to-github/connecting-to-github-with-ssh

Related

Deploying with Different SSH Keys via Github

I'm trying to deploy my app to vultr.
I have two different repositories for the front and back apps.
I created an ssh key on the server and added it to the deploy keys section of my backend repository on GitHub.
I can pull the backend app, it's OK.
But when I try to add the same ssh key to the deploy keys section of the frontend app, it says "key is already in use".
Then I created another ssh key on the server and added it to the deploy keys of the frontend repository.
But that time, when I try to clone the app, it tries to read the ssh key that I first created...
I think I need something like "clone by using a specific ssh key". How can I fix this?
Or is there an easier way to deploy different apps via using ssh?
To use your second key, you need to reference it in a ~/.ssh/config file with:
    Host deploy
        Hostname github.com
        User git
        IdentityFile ~/.ssh/yourSecondSSHKey
Then: git clone deploy:YourGithubName/YourAppRepository
That would force Git/SSH to use your second key.

Capistrano 3 deployment with multiple developers from GitHub using forward agent

I have an existing capistrano 3 deployment script which I run on my local machine (MacBook). I use agent forwarding and connect with my public SSH key. This all works fine, I have my SSH key added to GitHub and deployments work like a treat with no password. So, now I have a new developer that needs to also be able to deploy from his own machine. Firstly I have added his public SSH key to the server and added to known hosts so he has SSH access.
What do I need to do now so that agent forwarding works for him too?
I tried to copy his public key to the SSH keys in my GitHub account, but it showed an error saying the key was already added. I don't understand why I get this error as only my own SSH key has been added. Should I give him access to the GitHub repository and then he adds his SSH key to his own account?
Does the public key named in the deploy script need to be the same as it is named on the server or as it is on his machine?
Thanks for any help with this, I can't find anything online for this scenario.
Should I give him access to the GitHub repository and then he adds his SSH key to his own account?
Yes. The preferred way to do this is to give the new developer access to the GitHub project via his account.
You also add his public key to .ssh/authorized_keys on the server so that he can deploy. At this point, deployment should work for both of you using your own keys.

Pushing a local repo to multiple github accounts

This one is rather complicated to describe. I have two github accounts, I will refer to them as github A and B.
I had created a local repo X and tried to connect it to a new remote repo I created on github account A. However, my default github login credentials were set for my github account B. I went through this tutorial and was able to add a second key created in my .ssh to allow me access to acct. A at will. This method worked and allowed me to add the new remote repo on github account A to my local repo X. I could then push origin to master just fine.
I then made a clone of the same repo X on github account A and placed it in a new local location (same drive, different folder) which I will refer to as local repo Y. I then tried to push changes to the same remote repo on github A and it denies me saying I'm trying to access using my username for my remote github B account.
I tried re-adding the remote url via the same special .ssh key previously created for repo X and use it for the local repo Y but it says it already exists.
I'm looking for a simple solution here, hopefully one exists. I would appreciate your help on this.
You can test what actual key is used with:
ssh -Tv <yourSSHConfigEntry>
Make sure to use an ssh URL like yourSSHConfigEntry:/ (no need to prefix it with git@: the User should be in your ~/.ssh/config file)
The idea is: your SSH config file should use the right private key, whose public key has been registered to the right GitHub account.
Check the remote URL: git remote -v. If it starts with git@github.com, it won't use the ssh config entry.
Type:
git remote set-url origin <my-github-acct-A>:<user>/<repo>
That will use the SSH config entry, and make sure the User in it is "git".
I'm pretty sure the issues you're running into are a result of managing multiple accounts on the same computer, regardless of the repos being duplicates.
If you haven't already, I'd suggest you take a look at the very detailed answers provided here.
I have been through this trouble many times and have resolved it by setting the ssh config rules or by enforcing the ssh-agent to have the correct ssh key alone.
I have documented the entire process and Freecodecamp published the article.
Here's the link! Hope this will help whenever you come across this use case. :)
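
The alias technique from the deploy-key answer and the two-account answers above, as an added example that is not part of the original posts: a shell helper that writes one Host stanza per key and rewrites a github.com remote URL into the alias form. The alias github-frontend, the key path, the function names and the IdentitiesOnly line are assumptions added here, not taken from the answers.

```shell
#!/bin/sh
# Added example; alias names and key paths below are placeholders.

# add_github_alias CONFIG ALIAS KEYFILE
# Append a Host stanza pinning one private key to one alias. IdentitiesOnly
# keeps ssh from offering agent or default keys first, so GitHub cannot
# match the connection to a different deploy key or account.
add_github_alias() {
    ga_config=$1 ga_alias=$2 ga_key=$3
    # Idempotent: leave the file alone if the alias is already defined.
    if grep -Eqi "^host[[:space:]]+${ga_alias}[[:space:]]*\$" "$ga_config" 2>/dev/null; then
        return 0
    fi
    {
        printf 'Host %s\n' "$ga_alias"
        printf '    HostName github.com\n'
        printf '    User git\n'
        printf '    IdentityFile %s\n' "$ga_key"
        printf '    IdentitiesOnly yes\n\n'
    } >>"$ga_config"
    chmod 600 "$ga_config"
}

# github_alias_url ALIAS URL
# Rewrite a github.com remote URL so ssh resolves it through ALIAS; a URL
# that still names github.com never consults the alias stanza.
github_alias_url() {
    case $2 in
        git@github.com:*)       repo_path=${2#git@github.com:} ;;
        ssh://git@github.com/*) repo_path=${2#ssh://git@github.com/} ;;
        https://github.com/*)   repo_path=${2#https://github.com/} ;;
        *) echo "not a github.com URL: $2" >&2; return 1 ;;
    esac
    printf '%s:%s\n' "$1" "$repo_path"
}

# Demo on a scratch file (constructed values, nothing in ~/.ssh is touched).
demo_cfg=$(mktemp)
add_github_alias "$demo_cfg" github-frontend '~/.ssh/frontend_deploy'
cat "$demo_cfg"
github_alias_url github-frontend git@github.com:YourGithubName/YourAppRepository.git
rm -f "$demo_cfg"
```

Pass the rewritten URL to git remote set-url origin, then run ssh -Tv with the alias to confirm which key is offered.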

Github sign in before a push

When I try to push my project on Github, I have to sign in every time with my Github account before the push. And I don't understand why, on certain projects I don't need to do this, only on one project.
MacBook-Pro-Firstname:ProjectName firstname$ git push origin master
Username for 'https://github.com': email@gmail.com
Password for 'https://email@gmail.com@gmail.com@github.com': *******
How can I remove the sign in process?
GitHub offers two different authentication methods for read/write access. The first, which you appear to be using, is the HTTPS method and requires username/password authentication. The other way is via SSH which uses public/private key pairs to authenticate rather than a username/password combination.
To change the URL of the repository to the SSH version, you can use git config remote.origin.url git@github.com:username/repository.git
It sounds like you already have SSH keys generated and added to your account if you don't need to authenticate for some projects, but if you don't you can set it up via this link.
I am not entirely sure but I believe you will need to create an SSH key: https://help.github.com/articles/generating-ssh-keys
You need to set up a public SSH key with Github. See this article: https://help.github.com/articles/generating-ssh-keys

Git pulling onto a vm without an ssh key

I'm trying to pull an existing github repo made on my local machine onto a vm running on EC2 that will be used by multiple people. I have some concerns with using an ssh key without a password, so I was wondering if there was any way to pull directly onto the VM either anonymously, or by providing the username and password of the account that originally pushed the repo, so that my personal information won't have to be stored on the vm, and there's no security risk in having someone get ahold of a password-less ssh key for the vm. Is this possible?
Currently running Ubuntu 12.04
I recommend generating a new key and adding it as deployment key to your specific repo.
These keys are linked to a specific repo, not your account.
A lot of options are also available here.
https://help.github.com/articles/managing-deploy-keys