I was able to create a key and connect to github following these instructions via the command prompt successfully:
https://help.github.com/articles/generating-ssh-keys
However, when I try to connect via Sourcetree and putty I cannot. I've tried:
generating a new key with the putty key generator (SSH-2 RSA)
entering a passphrase
saving the private key
saving the public key and adding a .pub extension
copying/pasting the key from the putty key generator window into github
attemping to refresh branches on a pull from my private github repository from my local repo using the SSH clone URL I got from github
I also tried opening the key generated from the github command line instructions and it wanted me to convert it to a putty-type key which I did and saved off, tried with that one. Also no luck.
What am I doing wrong?
In order to get it worked I ended up going to Tools -> Options -> SSH Client and changing it to OpenSSH. I generated and uploaded several different types of keys trying to get it work as well but I think this is what finally did it.
In my case, I needed to switch to a git or ssh based repo path rather than the https based repo path. This causes SourceTree to switch to SSH based authentication.
This setting can be found at Repository => Repository setting => Paths
Example:
Correct repo paths
git#github.com:<username>/<reponame>.git
or
ssh://git#github.com/<username>/<reponame>.git
(Note: if you are working with a repo that isn't yours, replace username with organization name)
Wrong repo path
https://github.com/<username>/<reponame>.git
HTTPS repo paths result in SourceTree trying to be extra smart and failing spectacularly. You get prompted for a username/password GUI dialog which will never work if you have 2 factor authentication enabled.
To login to Github account using SourceTree you may use access tokens. To create an access token follow these steps.
Go to Settings
Select Developer settings from left pane
Select Personal access token
Click on Generate new token button
Give it a name
Select scopes and generate token (save this token somewhere safe because you won't be able to access this token again)
Then in SourceTree app follow these steps (for Mac users, not sure about the other platforms)
Go to Preferences->Accounts
Click add button
Select GitHub from Host dropdown
Choose Basic from Auth Type dropdown and HTTPS from Protocol dropdown
Enter your GitHub username in Username field
Paste the access token generated in the previous process in the Password field
Click save and you're done
For Mac versions of SourceTree the Tools menu does not exist.
However, you can add the ssh key to your keychain in Mac OS. See: https://superuser.com/questions/879050/sourcetree-ssh-options-on-os-x
On Mac OSX, the native SSH client can use the built-in keychain directly. To add your private key to the keychain simply use the command:
ssh-add -K /path/of/private/key
As an example if your private key is stored at ~/.ssh and is named id_rsa, you would use the command:
ssh-add -K ~/.ssh/id_rsa
You will then be prompted for your passcode, which will be stored in your keychain. After this you should be ready for a password-less login.
You may want to consider switching from OpenSSH to Putty / Plink and use embedded Git instead of Git provided by host OS. Making ssh-agent work on Windows is a bit more complicated than clicking it out straight from the SourceTree and PuttyGen.
If you want to still use terminal to configure SSH and start ssh-agent please see bottom two steps.
For Sourcetree on MacOS I had to change from OAuth to Basic authentication, use "git" as the username (not my GitHub username), and generate the SSH key and input it into GitHub. Only then could I clone a GitHub repo via SSH in Sourcetree.
Related
I prefer to using ssh keys and there is a lot to learn for me always!
My current challenge is:
I am using Visual Studio 2019 and I have my organization's private repositories in guthub under the organization's name.
When i try to connect to one of the repositories under the name of my organization, i am getting this error:
permission denied (publickey)
I have generated ssh keys as follows:
id_rsa_personal#gmail
id_rsa_work_alias#organization
I also have a config file in ~/.ssh/config with contents as below:
#github personal
Host personal
HostName github.com
User git
IdentityFile ~/.ssh/id_rsa_personal#gmail
#github work
Host work
HostName github.com
User git
IdentityFile ~/.ssh/id_rsa_work_alias#organization
In my visual studio 2019, under MenuBar-> Git-> Manage Remotes is setup to use ssh for fetch and push
Here is what my github dashboard looks like
As you can see, it has two entries one for my work alias and one for my organization
I mostly work on repositories under the Organization.
But while adding the ssh key contents to github, i added so under my work alias account
Now when i try to do a fetch from Visual Studio 2019, i get the error
permission denied (publickey)
Examining the Your Organizations menu option, i do not see a settings option.
So, in my case, should i be configuring visual studio 2019 to be using https:// to perform git operations? please clarify
To add to sborsky's comment, assuming everything is running with the current user (the one with ~/.ssh/config), the actual URL to use would be:
work:Organization/api-1.git
No need to repeat the user, which is already specified in ~/.ssh/config
Check first if it works with:
ssh -Tv work
You should see an error message, unless:
your account is not part of the organization
and/or you have not properly added the public key to your GitHub account.
Having some issues with maintaining too many SSH keys in the same computer lately.
I have created two SSH keys in my computer for UserA(Company) and UserB(Personal). Both the ID's are created using different email ID
I am able to pull and push the code changes for UserA
But UserB is where I face trouble to push my code.
I am able to pull the code for UserB(Where repo is different than UserA)
While pushing the code I get the following error
ERROR: Permission to UserB/xxxxxx.git denied to UserA.
Please make sure you have the correct access rights
and the repository exists. ```
Feel bit strange to me. Can someone help me this ?
Starting from Git 2.3.0 you can use below command
GIT_SSH_COMMAND='ssh -i private_key_file' git clone user#host:repo.git
Solved !!
Created Gitconfig for personal and work using the following link,
https://medium.com/#trionkidnapper/ssh-keys-with-multiple-github-accounts-c67db56f191e
Sometimes you have the problem of too many keys stored in the ssh-agent.
Then the server refuses the connection after it offering too many keys.
This can be solved by force ssh to use only one specific key.
GIT_SSH_COMMAND='ssh -o IdentityAgent=none -i private_key_file' git <cmd>
This is a strange question, but I cannot find how I did this:
I have three computers, all of them with visual studio code and an account in gitlab. In two of them, my operation has been
git clone ___.git
cd folder
git init
git remote add origin ___.git
And then, every time I push,... I have to enter my id and pass.
But in my first computer, I did something that I don't need to enter the id and pass anymore, it just pushes without hassle.
Then, I thought I must have done something like this
https://git-scm.com/docs/git-credential-store
But when I look for .gitconfig, which I find in the /Users folder, there I only have my user.name (which is not the one of gitlab), the email (this one is the gitlab email) but no password entry. And I cannot find any other .gitconfig files anywhere. For sure I didn't set up any SSH key.
So here the question, what did I do?
Make sure to use the GCMfW: Git-Credential-Manager-for-Windows:
git config --global credential.helper manager
Then try again: that should cache your username / password, provided you are using an HTTPS (https://...) URL, not an SSH one.
I am using the mercurial key-ring extension to store the password to my remote repository on BitBucket, so I don't have to enter it every time I push to the remote repository. Ironically, it asks me for the password to unlock the key-ring every time I need to access it; thereby completely mitigating its purpose to me. What am I doing wrong?
In my global mercurial config (~/.hgrc) I have the following lines:
[extensions]
hgext.mercurial_keyring = /etc/mercurial/mercurial_keyring.py
In my repo mercurial config (.hg/hgrc), I have:
[paths]
default = https://username#bitbucket.org/username/repo
Example:
> hg out
> comparing with https://username#bitbucket.org/username/repo
> Please enter password for encrypted keyring:
I have tried uninstalling the keyring and trying again. I've also played about with configuration settings I've found online to no avail. I also couldn't find anything on encrypted keyring and non-encrypted keyring in regards to mercurial.
How can I get it so that I don't have to enter a password at all when I perform actions to the remote repo?
I don't know if this was already the case at the time the question was asked, but now the solution is directly explained in the keyring extension wiki link in your question.
Just enabling the keyring extension is not enough, you also need to tell Mercurial the remote repo and the username in the config file.
Quote from the link:
3.2. Repository configuration (HTTP)
Edit repository-local .hg/hgrc and save there the remote repository
path and the username, but do not save the password. For example:
[paths]
myremote = https://my.server.com/hgrepo/someproject
[auth]
myremote.schemes = http https
myremote.prefix = my.server.com/hgrepo
myremote.username = mekk
Simpler form with url-embedded name can also be used:
[paths]
bitbucket = https://User#bitbucket.org/User/project_name/
Note: if both the username and password are given in .hg/hgrc, the
extension will use them without using the password database. If the
username is not given, extension will prompt for credentials every
time, also without saving the password. So, in both cases, it is
effectively reverting to the default behaviour.
Note that you don't need to specify all the information shown in those examples.
On my machine (Mercurial 5.0.2 on Windows), I'm using a simpler form which also works for multiple repos.
This is a 1:1 copy from my actual config file:
[extensions]
mercurial_keyring =
[auth]
bb.prefix = https://bitbucket.org/
bb.username = christianspecht
This uses the keyring extension to save the password for the user christianspecht, for all remote repos whose URL starts with https://bitbucket.org/.
The prefix bb can be freely picked, so you can use this to save multiple URLs/usernames at once.
This works perfectly well (at least until Bitbucket drops Mercurial support in a few weeks...) - it asks for the password once, then it's automatically saved and it never asks again.
it asks me for the password to unlock the key-ring. What am I doing wrong?
Nothing. Read the keyring docs, password for accessing keyring must be provided once for session
I setup public key access to my server via ssh. I have a .ssh folder on my local windows computer. I configured ssh to add the private key using the ssh-add <directory> command. I am able to successfully connect to my server using windowspowershell. The chmod and Chown of the .ssh directory and authorized file are configured correctly on my server. sshd_config is configured correctly and points to the correct key.
The connection works perfectly with shell so there is no problem on my server. But with Eclipse, and its plugin in particular, Egit, I keep getting a Unable to use key file <directory of the key file I loaded into eclipse the same one used by ssh error every time I try to push my revision commits to my git repository on the server. I went to Pref > General > Network > SSH2 and added the right private key, the ssh2 home directory is set correctly too, in fact the public an private key were both generated using the key management tab and loaded into my server.
My windows permissions on that folder and those keys is set to allow all users to do everything just for good measure.
Now one clue is, the known hosts tab has a host fingerprint that does not match the fingerprint of my key. My key is something like f1:19: etc and the hosts fingerprint is different. I hope I can fix this soon. Any suggestions would be great.
ssh-add -l = two private keys that I am using. So its not this.
Another clue is, after going into my putty program and changes the private key that it ses suddenly is i try to connect to ssh with a key acces in eclipse the error it throws shows reflects the same key that I just changed in putty!! Somehow eclipse seems to be using putty for public key access. How do I stop this?!
Okay here's the solution. For whatever reason Egit uses putty to connect to ssh using the configuration putty is set to use to access a server with a public key. The way you fix this is to make sure putty is able to connect to the server using a public key. If it can't then try this:
Download puttygen
Generate a rsa key using either ssh shell or the key management tab on eclipse. Do not generate a key using puttygen. For whatever reason it never worked for me.
Load the private key you generated (not generated with puttygen) into puttygen and then save as a putty private key (.ppk)
Go to eclipses key management tab and set it to recognize the new .ppk private key file
Finally go to putty, and create your servers profile by assigning the address and then go to auth and load the .ppk file. DISABLE pageant.
Save and attempt to connect to server using the key and if successful then congratulations Egit and Eclipse will now be able to make connections using keys.