I followed the guide from https://help.github.com/articles/generating-ssh-keys/ to generate a ssh key used to connect to github from my server.
The problem is if I close the shell and login the server again, I have to repeat below steps to reconnect to github, otherwise the accessing will be denied:
eval "$(ssh-agent -s)"
ssh-add ~/.ssh/id_rsa
How can I setup a permanent connection with github?
Since you are logging on to the command-line (presumably using SSH) all applications that you run, including ssh-agent, stop when you log out.
In my opinion your best bet is to have your CentOS machine start ssh-agent for you each time you log in, then manually use ssh-add to add your key. This can be done by modifying your shell's login script. If you are using bash, this file is called ~/.bash_profile. If you are using another shell, refer to its documentation and choose an appropriate file.
Edit one of these files and add eval "$(ssh-agent -s)" at the end.
Now, each time you log in ssh-agent should automatically start, and you can optionally run ssh-add (since you are using a file that ssh-add looks for by default you don't need to pass the file to the command) to add your key, then do Git stuff.
It sounds like you want to automate the adding of the key as well. This isn't something that I would choose to do since I like adding keys to be explicit, but because you don't have a passphrase on your SSH key you should be able to add ssh-add to the same file we modified above (after we start the agent, of course) and have your key added automatically.
Thanks #Chris
I did the following and it worked:-
Step1:- .bash_profile
Step2:- enter image description here
Step3:-source .bash_profile
Step4:- enter image description here
Related
Summary:
As I'm integrating CI to the development workflow, I'm also trying to move the executions of Bitrise workflows to our local iOS Mac Computer which is setup as a Jenkins slave.
The projects that I'm trying to build therefore needs to be built on this iOS Computer.
Problem:
I'm trying to establish an ssh connection to an integration user (a GitHub account that has access to my repositories) and I have created a key and added it to the GitHub user as well as to the .bitrise.secrets.yml file.
But when the initial step, the activate-ssh-key step is executed, it results with an error that I can't add the SSH key to the ssh-agent with empty passphrase. (Is this somehow configurable? Can I just evade this?)
Here is the output log:
https://pastebin.com/FCHhZNDb
Step in bitrise.yml:
- activate-ssh-key#4.0.2: {getenv "SSH_RSA_PRIVATE_KEY"}
.bitrise.secrets.yml:
envs:
- SSH_RSA_PRIVATE_KEY: ssh-rsa *KEY*
|------------------------------------|
I have also tried putting the ssh key directly in the .ssh directory which did not work.
Any help is really appreciated! :)
TL;DR
Trying to connect bitrise cli with github via ssh, doesn't work.
The SSH key you used seem to be protected with a passphrase. You should generate one that does not require a passphrase to be specified, and register that for the repository.
How to generate such an SSH key: https://devcenter.bitrise.io/faq/how-to-generate-ssh-keypair/
ssh-keygen -t rsa -b 4096 -P '' -f ./bitrise-ssh -m PEM
Alternatively you can replace the Activate SSH Key step with a script one and activate the SSH key any way you like.
Or if you prefer to not to use SSH keys you could switch to using https:// git clone urls (instead of the SSH / git# one) and replace the Activate SSH Key step with the Authenticate with GitHub OAuth one (https://www.bitrise.io/integrations/steps/authenticate-with-github-oauth).
In my Microsoft.PowerShell_profile.ps1 document, I've had to add ssh-add ~/.ssh/github_rsa following the poshgit examples in order for it to connect to my GitHub repos.
# Load posh-git example profile
. 'C:\tools\poshgit\dahlbyk-posh-git-8aecd99\profile.example.ps1'
ssh-add ~/.ssh/github_rsa
If I don't have that in my profile, I Github gives me permissions errors when I try to connect.
If I do it manually, it will work for the entire duration of my desktop session, but as soon as I reboot my computer, I need to re-run the command.
Why doesn't poshgit and ssh-add remember the rsa that I've added? It seems wrong to have to re-add it every time.
It's because your rsa key is not the default name ( id_rsa ) so you either need to use ssh-add (which adds it to a running service that remembers the key decrypted with your passphrase) or just add an entry into your ~\.shh\config
~\.ssh\config (create or edit):
Host github.com
HostName github.com
User git
IdentityFile ~/.ssh/github_rsa
Or, if github is the only thing you use ssh keys for, just rename the key to id_rsa and then git (well ssh.exe) will find it for you automatically AND poshgit will ssh-add it for you (to handle passphrases).
here's my situation.
I'm running Cruise Control as a Windows Service and trying to get it to connect to a Mercurial Repository on BitBucket over SSH.
I'm pretty sure that everything's configured OK (PuttyGen, Pagaent, etc). I'm remoting onto the server using the same account that I am using to run the service and if I issue hg pull -b ssh://#bitbucket.org// from a command line everything works. I added -v to the ssh configuration in mercurial.ini and I can see all of the steps that are taken.
If I run CC.NET from a command prompt then it builds fine. In the console window I can see the same logging from the SSH operation.
However, if I run CC.NET as a service (using the same user account that I'm logged in on) the call to BitBucket times out. I can find no way to work out why either. The build log doesn't help and neither do ccnet.log or ccnet.trace in the temp directory. I was expecting one of them to contain the logging from the SSH operation, but they don't.
Can anyone help? Is it that running as a service prevents it from connecting to Pagaent (I've started Pagaent by adding it to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run). When I did the pull from the command line I had to OK a dialog, but only once. Is it waiting on the same dialog now that it's running as a service?
Getting close to my wits end here.
Thanks
I did get it working in the end. The trick was to create the public key without a passphrase. When running as a service the solution has to be completely non-interactive and the passphrase option with pagaent.exe just isn't.
Here are the steps:
Use PutTTygen to generate a secure key WITHOUT a passphrase. If you really do need one then you can add it to the mercurial.ini file, but defeats the point for me as it's in plain sight anyway.
Copy a mercurial.ini to two locations: C:\Windows\System32\config\systemprofile and C:\Windows\SysWOW64\config\systemprofile. Probably only one of these was really necessary, but I didn't have the time to experiment. The first is the home directory for the system user when running 64 bit apps, the SysWOW64 location for 32 bit. Make sure that if you do the same as me then keep both files in sync - or go one further and work out which is the correct location.
Add something like this line under the [ui] key in both files:
ssh = "D:\Program Files\TortoiseHg\TortoisePlink.exe" -ssh -2 -C -batch -v -i "[Path to your ppk file]"
Add the passphrase to the end of the command if one was created in step 1.
Make sure that TortoisePlink.exe is specified, not Plink.exe. They should both be in the same directory.
Download psexec from http://technet.microsoft.com/en-gb/sysinternals/bb842062.aspx
Run d:\PSTools\PsExec.exe -s -i cmd.exe. This will open a command line as the system account in interactive mode.
Now do an hg pull, or hg clone or whatever.
A dialog should pop up with a confirmation message. This is a one time thing and the reason that you have to do the PsExec step. OK the dialog.
Now cc.net should be able to be run as a service under the local system account using SSH!
Why did I get the following error (on the same machine where the github connection had been properly set up before)? Meaning, it worked the previous day (e.g. I could push, pull, etc. with no problem) but didn't the next day.
Permission denied (publickey).
fatal: The remote end hung up unexpectedly
When I did ssh-add:
$ ssh-add -l
The agent has no identities.
Is it possible that a key, which was previously loaded into SSH, is automatically unloaded?
The following fixed the issue (for reference):
ssh-add ~/.ssh/github_rsa
Enter passphrase for /Users/admin/.ssh/github_rsa:
Identity added: /Users/admin/.ssh/github_rsa (/Users/admin/.ssh/github_rsa)
The latest Github for (Mac|Windows) include a credential helper (as explained in "How to use git with gnome-keyring integration").
That means, if you need to enter a password (because your private ssh key is passphrase protected), that will be stored by git for the duration of the session.
But at the next session, you will need to enter the passphrase again (once).
On the mac, identities that you add don't usually go away unless you explicitly remove them (ssh-add -d), the machine is rebooted, or you log out and then log back in again.
I use to navigate my remote servers with ssh. Sometimes i would like to download a file to open in my computer.
But the only way i know how to do it is to open a new command line window and use scp from local to remote.
is there a way to do this directly from the ssh server?
like a command that know my current ip so can set up everything automatically?
(wonderful would also be to do the upload in such a way...)
There is no easy way to do it - I used ssh & scp many years the way you just described. But, you may configure ssh & scp in such a way that they don't require password each time, which is very comfortable! For this, you need:
generate keys by ssh-keygen - they can be also passphrase (= password) protected
copy the keys to remote machine to ~/.ssh/authorized_keys
And then, each time you start a session, you run ssh-agent and ssh-add. You just enter the password once. And then you can just run scp/ssh many times, from scripts, etc., without the need to enter the password each time!
I don't remember the exact way how to configure all this, but have a look at manpages of all those useful tools! Many things can be automatized by placing them into ~/.bash_profile or ~/.bashrc files.
I found this while trying to answer your question for myself:
https://askubuntu.com/a/13586/137980
Just install zssh and use Ctrl-# to go into file transfer mode.