ssh-add -l: error fetching identities: invalid format - ssh-agent

Despite ssh-add claiming my key was successfully added, it was clear ssh-agent was not forwarding my keys: ssh from remote servers into second remote servers was not working; Capistrano deploy stopped working.
The clue was the output: error fetching identities: invalid format when doing ssh-add -l
$ ssh-add ./id_2021
Enter passphrase for ./id_2021:
Identity added: ./id_2021 (./id_2021)
$ ssh-add -l
error fetching identities: invalid format
I've tried making new keys but I still get this error.

For reasons I can't explain, this worked:
$ eval $(ssh-agent); ssh-add
Agent pid 23676
Enter passphrase for /home/david/.ssh/id_xyz:
Identity added: /home/david/.ssh/id_xyz (/home/david/.ssh/id_xyz)
$ ssh-add -l
2048 SHA256:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx /home/david/.ssh/id_xyz (RSA)
The clue was in this forum.

Related

Setting up ssh key

Please help me solve this problem
I created my ssh key using the following
ssh-keygen. -t rsa -b 4090 -C [myemail@emailservice.com]
I added my ssh key to my ssh-agent using:
touch ~/.ssh/config
#this was typed in the ~/.ssh/config file
Host *.github.com
AddKeysToAgent yes
UseKeychain yes
IdentityFile ~/.ssh/id_rsa
Then I typed the following in the terminal
$ ssh-add~/.ssh/id_rsa
I then copied the ssh key using
cat ~/.ssh/id_rsa.pub
I copied the output and then added it to my GitHub
To check if it was working, I used
ssh-T git@github.com
I received the following error message:
Bad configuration option: host*github.com
Does anyone know what this error message means and what I should do?
I was expecting the following message:
Are you sure you want to continue connecting (Yes/no[fingerprint])?

I'm new to Github and having trouble with generating an SSH key

I am following a tutorial from freeCodeCamp.org and at the part where I generate an SSH key (timestamp 20:30), my terminal is saying
zsh: permission denied: /Users/michael .
I am entering the following as instructed
~ ssh-keygen -t rsa -b 4096 -C "myemail@gmail.com"
I have tried changing security permissions for the terminal in system preferences to allow it to run software that doesn't meet the security policy and that doesn't help.
Weirdly, when I tried this the first time, it worked; however, when I tried to view the actual key in the terminal it gave me the permissions error message from above, so I figured I must have done something wrong. I deleted the keys it had made in my users directory and started again, only to find that it now won't even generate a key in the first place.
As I say, I am very new to this so I apologise if it is something basic that I am asking but any help would be greatly appreciated.
Thanks for reading.
~ is just part of the user's prompt in the video. The actual command is just
ssh-keygen -t rsa -b 4096 -C "myemail@gmail.com"
In a shell command, ~ is expanded to the user's home directory, so your shell thinks you wanted to execute a command named /Users/michael with arguments ssh-keygen, -t, etc.

SSH issue with GitHub and terminal after push origin master

I am stuck after the message "couldn't get a file descriptor referring to console". I couldn't continue further than that. I need your help with this issue. I am a new web developer and continue learning to improve my skills. Thank you for your time to guide me in the right direction.
[ENV]:/vagrant/src/splurty $ git push origin master
ssh: connect to host github.com port 22: Connection refused
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
[ENV]:/vagrant/src/splurty $ git remote set-url origin https://github.com/livestronger08/brolin.git
[ENV]:/vagrant/src/splurty $ eval "$(ssh-agent -s)"
Agent pid 30162
[ENV]:/vagrant/src/splurty $ ssh-add
Identity added: /home/vagrant/.ssh/id_rsa (/home/vagrant/.ssh/id_rsa)
[ENV]:/vagrant/src/splurty $ $ ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
$: command not found
[ENV]:/vagrant/src/splurty $ ssh-keygen -t rsa -b 4096 -C "derek.downie@ttu.edu"
Generating public/private rsa key pair.
Enter file in which to save the key (/home/vagrant/.ssh/id_rsa):
/home/vagrant/.ssh/id_rsa already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Passphrases do not match. Try again.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/vagrant/.ssh/id_rsa.
Your public key has been saved in /home/vagrant/.ssh/id_rsa.pub.
The key fingerprint is:
72:98:32:bc:e7:b1:05:0e:c6:99:17:3d:a0:00:6a:63 derek.downie@ttu.edu
The key's randomart image is:
+--[ RSA 4096]----+
|... . |
|. . . o |
|.E . . o |
|o .o o + . |
| X * S |
| . B + |
| . + . |
| o + |
| o |
+-----------------+
[ENV]:/vagrant/src/splurty $ eval
[ENV]:/vagrant/src/splurty $ eval "$(ssh-agent -s)"
Agent pid 30176
[ENV]:/vagrant/src/splurty $ open ~/.ssh/config
Couldn't get a file descriptor referring to the console
[ENV]:/vagrant/src/splurty $ touch ~/.ssh/config
From the moment you set the remote repository URL (with git remote set-url origin https://github.com/livestronger08/brolin.git) to an HTTPS one, every other command related to SSH won't matter for authentication.
The agent is needed only if you have entered a non-empty passphrase when creating the SSH key.
And the ~/.ssh/config is a file needed only if your SSH key is not the default ~/.ssh/id_rsa name. In your case, you don't need it.

GIT push with SSH

I am having great difficulty finding reliable information on creating SSH keys in order to remove the need for username and password when doing git push and pull for a main repo and separate nested repos.
To make sure I have no existing errors, I deleted them from
https://github.com/settings/keys
And then followed this guide which in a nutshell advises:
Check for existing, I deleted all from here as well
ls -al ~/.ssh
then (accepting defaults with no passkey)
ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
eval $(ssh-agent -s)
ssh-add ~/.ssh/id_rsa
clip < ~/.ssh/id_rsa.pub
and pasting key at https://github.com/settings/keys
The guide seems to end here; however, an attempt to push the repo gives:
fatal: HttpRequestException encountered.
An error occurred while sending the request.
Username for 'https://github.com':
What steps have been missed here, please?
Attempting to push via git bash

Calculate RSA key fingerprint

I need to do the SSH key audit for GitHub, but I am not sure how to find my RSA key fingerprint. I originally followed a guide to generate an SSH key on Linux.
What is the command I need to enter to find my current RSA key fingerprint?
Run the following command to retrieve the SHA256 fingerprint of your SSH key (-l means "list" instead of create a new key, -f means "filename"):
$ ssh-keygen -lf /path/to/ssh/key
So for example, on my machine the command I ran was (using RSA public key):
$ ssh-keygen -lf ~/.ssh/id_rsa.pub
2048 00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff /Users/username/.ssh/id_rsa.pub (RSA)
To get the GitHub (MD5) fingerprint format with newer versions of ssh-keygen, run:
$ ssh-keygen -E md5 -lf <fileName>
Bonus information:
ssh-keygen -lf also works on known_hosts and authorized_keys files.
To find most public keys on Linux/Unix/OS X systems, run
$ find /etc/ssh /home/*/.ssh /Users/*/.ssh -name '*.pub' -o -name 'authorized_keys' -o -name 'known_hosts'
(If you want to see inside other users' homedirs, you'll have to be root or sudo.)
The ssh-add -l is very similar, but lists the fingerprints of keys added to your agent. (OS X users take note that magic passwordless SSH via Keychain is not the same as using ssh-agent.)
The newer SSH commands will list fingerprints as a SHA256 Key.
For example:
ssh-keygen -lf ~/.ssh/id_dsa.pub
1024 SHA256:19n6fkdz0qqmowiBy6XEaA87EuG/jgWUr44ZSBhJl6Y (DSA)
If you need to compare it against an old fingerprint you also need to specify to use the MD5 fingerprint hashing function.
ssh-keygen -E md5 -lf ~/.ssh/id_dsa.pub
2048 MD5:4d:5b:97:19:8c:fe:06:f0:29:e7:f5:96:77:cb:3c:71 (DSA)
Also available: -E sha1
Update... YES...yes... I know... DSA keys for SSH should no longer be used, the older RSA key or newer elliptic keys should be used instead.
To those 'admins' that keep editing the command I used in the above. STOP CHANGING IT! You make the command and resulting output mis-match!
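What ssh-keygen -lf computes, reproduced by hand (an added example, not part of the original answers): the fingerprint is a hash of the base64-decoded key blob from the public key line, printed as unpadded base64 for SHA256 and as colon-separated hex for MD5. The sample key is constructed for illustration and is not a usable key; the function names are this example's own.

```python
import base64
import hashlib
import struct


def ssh_string(data: bytes) -> bytes:
    """Encode bytes as an SSH wire-format string: 4-byte big-endian length + data."""
    return struct.pack(">I", len(data)) + data


# Constructed sample: an ssh-ed25519 blob with 32 placeholder bytes (not a usable key).
SAMPLE_BLOB = ssh_string(b"ssh-ed25519") + ssh_string(bytes(range(32)))
SAMPLE_LINE = "ssh-ed25519 " + base64.b64encode(SAMPLE_BLOB).decode() + " constructed@example"


def parse_pubkey_line(line: str):
    """Return (key_type, blob, comment) from an id_*.pub or authorized_keys line.

    authorized_keys entries may start with options, so scan for the first
    "type base64" pair whose decoded blob names the same key type.
    """
    fields = line.split()
    for i in range(len(fields) - 1):
        try:
            blob = base64.b64decode(fields[i + 1], validate=True)
        except ValueError:  # binascii.Error is a ValueError subclass
            continue
        if len(blob) < 4:
            continue
        (name_len,) = struct.unpack(">I", blob[:4])
        if blob[4:4 + name_len] == fields[i].encode():
            return fields[i], blob, " ".join(fields[i + 2:])
    raise ValueError("no key whose blob matches its declared type")


def fingerprint_sha256(blob: bytes) -> str:
    """Default format of current ssh-keygen -l: unpadded base64 of SHA-256(blob)."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def fingerprint_md5(blob: bytes) -> str:
    """Legacy format (ssh-keygen -E md5): colon-separated hex of MD5(blob)."""
    hexed = hashlib.md5(blob).hexdigest()
    return "MD5:" + ":".join(hexed[i:i + 2] for i in range(0, len(hexed), 2))


if __name__ == "__main__":
    key_type, blob, comment = parse_pubkey_line(SAMPLE_LINE)
    print(key_type, fingerprint_sha256(blob), fingerprint_md5(blob), comment)
```

Passing the contents of a real id_*.pub file to parse_pubkey_line and comparing the result with ssh-keygen -lf on the same file is a quick way to confirm which bytes the fingerprint covers.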
To see your key on Ubuntu, just enter the following command on your terminal:
ssh-add -l
You will get an output like this:
2568 0j:20:4b:88:a7:9t:wd:19:f0:d4:4y:9g:27:cf:97:23 yourName@ubuntu (RSA)
If, however, you get an error like "Could not open a connection to your authentication agent.", it means that ssh-agent is not running. You can start/run it with:
ssh-agent bash (thanks to @Richard in the comments) and then re-run ssh-add -l
A key pair (the private and public keys) will have the same fingerprint; so in case you can't remember which private key belongs to which public key, find the match by comparing their fingerprints.
The most voted answer by Marvin Vinto provides the fingerprint of a public SSH key file. The fingerprint of the corresponding private SSH key can also be queried, but it requires a longer series of steps, as shown below.
Load the SSH agent, if you haven't done so. The easiest way is to invoke
$ ssh-agent bash
or
$ ssh-agent tcsh
(or another shell you use).
Load the private key you want to test:
$ ssh-add /path/to/your-ssh-private-key
You will be asked to enter the passphrase if the key is password-protected.
Now, as others have said, type
$ ssh-add -l
1024 fd:bc:8a:81:58:8f:2c:78:86:a2:cf:02:40:7d:9d:3c you@yourhost (DSA)
fd:bc:... is the fingerprint you are after. If there are multiple keys, multiple lines will be printed, and the last line contains the fingerprint of the last loaded key.
If you want to stop the agent (i.e., if you invoked step 1 above), then simply type `exit' on the shell, and you'll be back on the shell prior to the loading of ssh agent.
I do not add new information, but hopefully this answer is clear to users of all levels.
Reproducing content from AWS forums here, because I found it useful to my use case - I wanted to check which of my keys matched ones I had imported into AWS
openssl pkey -in ~/.ssh/ec2/primary.pem -pubout -outform DER | openssl md5 -c
Where:
primary.pem is the private key to check
Note that this gives a different fingerprint from the one computed by ssh-keygen.
The fastest way if your keys are in an SSH agent:
$ ssh-add -L | ssh-keygen -E md5 -lf /dev/stdin
Each key in the agent will be printed as:
4096 MD5:8f:c9:dc:40:ec:9e:dc:65:74:f7:20:c1:29:d1:e8:5a /Users/cmcginty/.ssh/id_rsa (RSA)
$ ssh-add -l
will also work on Mac OS X v10.8 (Mountain Lion) - v10.10 (Yosemite).
It also supports the option -E to specify the fingerprint format so in case MD5 is needed (it's often used, e.g. by GitHub), just add -E md5 to the command.
On Windows, if you're running PuTTY/Pageant, the fingerprint is listed when you load your PuTTY (.ppk) key into Pageant. It is pretty useful in case you forget which one you're using.
This is the shell function I use to get my SSH key fingerprint for creating DigitalOcean droplets:
fingerprint() {
    # Print the bare MD5 fingerprint of a public key file, without the "MD5:" prefix
    pubkeypath="$1"
    ssh-keygen -E md5 -lf "$pubkeypath" | awk '{ print $2 }' | cut -c 5-
}
Put it in your ~/.bashrc, source it, and then you can get the fingerprint like so:
$ fingerprint ~/.ssh/id_rsa.pub
d2:47:0a:87:30:a0:c0:df:6b:42:19:55:b4:f3:09:b9
Sometimes you can have a bunch of keys in your ~/.ssh directory, and don't know which matches the fingerprint shown by GitHub/Gitlab/etc.
Here's how to show the key filenames and MD5 fingerprints of all the keys in your ~/.ssh directory:
cd ~/.ssh
find . -type f -exec printf "\n{}\n" \; -exec ssh-keygen -E md5 -lf {} \;
(For what the parameters mean, refer to this answer about the find command.)
Note that the private/public files that belong to one key have the same fingerprint, so you'll see duplicates.
If your SSH agent is running, it is
ssh-add -l
to list RSA fingerprints of all identities, or -L for listing public keys.
If your agent is not running, try:
ssh-agent sh -c 'ssh-add; ssh-add -l'
And for your public keys:
ssh-agent sh -c 'ssh-add; ssh-add -L'
If you get the message: 'The agent has no identities.', then you have to generate your RSA key by ssh-keygen first.
Google Compute Engine shows the SSH host key fingerprint in the serial output of a Linux instance. The API can get that data from GCE, and there is no need to log in to the instance.
I didn't find it anywhere else but from the serial output. I think the fingerprint should be in some more programmer-friendly place.
However, it seems that it depends on the type of an instance. I am using instances of Debian 7 (Wheezy) f1-micro.
If you need to obtain that from the private key, do this:
ssh-keygen -y -f key > key.pub && ssh-keygen -lf key.pub
To check a remote SSH server prior to the first connection, you can take a look at www.server-stats.net/ssh/ to see all SSH keys for the server, as well as since when the key has been known.
That's not like an SSL certificate, but definitely a must-do before connecting to any SSH server for the first time.
On Fedora I do locate ~/.ssh which tells me keys are at
/root/.ssh
/root/.ssh/authorized_keys