I have created a deploy key according to the windows instructions here
But instead of using the deploy key that has just been set up, git push instead asks for credentials, first with a pop up, then with an SSH pop up, then in the git bash command line itself! This is quite shocking because the whole purpose of a deploy key is to avoid having to provide access to an entire github account
Given I have followed github's own instructions precisely and this isn't working, I am lost as to what to do next.
Notes
Some time ago, somehow, I set up a deploy key successfully on the same (windows) server. So perhaps the > 1 key on the machine is confusing some part of the process. I am not sure this has anything to do with it though.
I can see here that github expects keys to be named id_rsa and id_rsa.pub, but given this is my second deploy key running on this particular server, I named the second set differently so as to avoid overwriting the original set (the original set are still there, there are just two more files in C:\Users\[YOUR-USER-NAME]\.ssh\)
Related
With my University, I have a GitLab account, but later I created my own account on GitHub for my personal use, and both are "linked" on my laptop. But in my mind, it's quite a mess : both are linked differently, and I kinda lose myself (one is with ssh key, the other one is... i'm not sure of it)
So, I want to delink entirely my two accounts, delete the ssh keys and all the things that are needed to return from scratch. What I need to do ? I don't want to make bad things. And then, how can I use both accounts on my laptop (using ssh keys) ?
I hope I was clear
To effectively 'start from scratch' you will need to:
Remove your local configurations
a. Remove your SSH configurations/key
b. Remove your (global) git configuration
(optionally) Revoke your SSH keys from your GitHub and GitLab accounts online
Removing your local configurations
Your SSH configuration is, by default, stored in the .ssh directory in your user profile. This is probably also where your key(s) are stored. To effectively 'start over' you can move (recommended in case you want to restore it) or delete this directory entirely.
Same goes for your git configuration, except this is .gitconfig rather than .ssh
On Windows in command prompt/powershell you can move the directory like so (assuming your in your user home directory):
move .\.ssh .\.ssh.old
move .\.gitconfig .\.gitconfig.old
On MacOS or Linux systems, you can do the following:
mv ~/.ssh ~/.ssh.old
mv ~/.gitconfig ./.gitconfig.old
Removing your SSH keys from GitLab/GitHub
GitLab
For GitLab, navigate to https://gitlab.com/-/profile/keys (replace the URL if you're using a self-hosted gitlab server) -- here you can see a list of your public SSH keys you have added to GitLab and remove them by clicking the trashcan icon.
GitHub
For GitHub, navigate to https://github.com/settings/keys -- you will see a list of keys you have added and you can remove them by clicking the "delete" button.
Between all these actions, you will effectively have "started from scratch" with respect to your computer's git configurations.
I have been looking into automating builds using GIT and docker. One of the tools I find useful is ssh-keyscan which adds the result to known_hosts and allows you to bypass the 'fingerprint' prompt when cloning a repository for the first time.
I read a comment which pretty much says that exposing this file is dangerous. I thought keyscan just adds a bunch of public keys to your known_hosts file. Why is this dangerous if anyone sees this - can they not get the exact same public keys using the same tool?
I would have thought that in the link, adding a private ssh key to the docker container would be the dangerous part since this is the part you aren't meant to share.
Hope someone will be be able to help: I've installed GitLab and for a few days it seems that worked ok (I could push and pull only from a client but not from the machine that runs GitLab itself), however that's no longer the case. I have been working on the server (its my own server that I've setup for development/learning/personal stuff but I don't believe I've changed anything that could affect Gitlab, so I'm don't know what to do.
At the moment I can't push or pull from either my local machine (OS X 10.8.3) not from my server (Ubuntu 12.0.4). I've run the test several times and all is green. When I do git config user.name or git config user.email it comes back with my name and email respectively. I've also searched online but couldn't find anyone in exactly the same situation, however I did try many of the approaches suggested: I've deleted and generated more ssh keys, changed config in /home/git/gitlab/config.yml to reflect my setup (I'm running apache). My GitLab is 5.2 and I've followed the instruction on GitLab's homepage. In order to make it working with apache instead of nginx I've followed the instructions here:. This question seems the closest to describe my problem, however the solution is not clearly described, so I couldn't follow. The web ineterface works fine and I can commit either from my local machine (using sshfs) and my server. I just can't push or pull. The error I get is:
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
I'd appreciate any help. I've been struggling with this for days now and I'm on the brink of give GitLab up...
Many thanks
EDIT: On my server I've got three accounts: user1 (main, first user, root), user2 a sudoer that also has admin privileges and git which also is a sudoer. After more investigating, I'm pretty sure this is a problem of me messing up with permission and the ssh key. Can someone point me out: when I generate the ssh key, which user should I be logged in as? In which computer should I generate this key? On my server or my Mac? Also, when I've tried push from my server directly (I was physically logged in the server rather than sshed to server via my Mac) GitLab was asking for git's password. I then generated a key logged as git on the server and added to GitLab through the web interface and the error appeared again (the same as before). Still not fixed.
The problem in my case was that I changed the git credentials on my local machine (when you create a new repo, you set the user name and email Git and git#localhost respectively) that I had changed and didn't realise. That's why every time I was trying to either push or pull I got the error. Once that was changed back to the correct settings, Gitlab started working again. Leaving as it might be helpful to someone.
Recently I've started working on a facebook app using Heroku and their tutorial is really extensive on the matter. However, when trying to clone my application to my machine, i get the following error:
Permission denied (publickey)
fatal: The remote end hung up unexpectedly
I tried every solution I could find, resetting my key, uploading a new one, editting the key archive, but none of them seemed to solve my problem.
Does anyone have a different alternative to this?
Thanks
Im running Windows 7 Enterprise and my application is set to run on PHP.
Wherever you hold your keys try
heroku keys:add
Without an argument, it will look for the key in the default place (~/.ssh/id_rsa.pub or ~/.ssh/id_dsa.pub). If you wish to use an alternate key file, specify it as an argument. Be certain you specify the public part of the key (the file ending in .pub). The private part of the key should never be transmitted to any third party, ever.
https://devcenter.heroku.com/articles/keys
just wondering if you are Starting Command Prompt with Ruby? I had some problems with this aswell double check your ssh
We're currently using RightScale, and every time we deploy, we execute a script on the server or server array that we want to update. It pulls the code from a GitHub repository, creates a new folder in /var/www/releases/TIMESTAMP, and symlinks the document root, /var/www/current, to that directory.
We're looking to get a better deployment strategy, such as something where we SSH into one of the servers on the private network, and run a command-line script to deploy what we want to deploy.
However, this means that this one server has to have its public key in the authorized_keys of all of the servers we want to deploy to. Is this safe? Wouldn't this be a single server that would allow all the other servers to be accessed?
What's the best way to approach this?
Thanks!
We use a similar strategy to deploy, though we're not with Rightscale anymore.
I think generally that approach is fine and I'd be interested to learn what you think is not serious about it.
If you want to do your ssh thing, then I'd go about it the following:
Lock down ssh using security groups, e.g. open ssh only up to specific IP or servers with a deploy security-group, or similar. The disadvantage here is that you might lock yourself out when the other servers are down, etc..
I'd put public keys on each instance to allow a password-less login. If you're security concious, you rotate those keys on a monthly basis or for example, when employees are leaving, etc..
Use fabric or capistrano to log into your servers (from the deploy master) using ssh and do your deployment.
Again, I think Rightscale's approach is not unique to them. A lot of services do it like that. The reason is that e.g. when you symlink and keep the previous version around, it's easier to rollback and so on.