Ideally, I want something like set :scm_keyfile, "~/.ssh/server-deploy-key". The path specified would of course be a path on the remote server.
If the remote user already has a ~/.ssh/id_rsa or ~/.ssh/id_dsa then git will use it by default.
If you wish to use an alternate file name for your private key, you can do this. Create a file on your remote server ~/.ssh/config and put these lines in it
Host github.com
User git
IdentityFile ~/.ssh/server-deploy-key
Now when you attempt to run a command like git clone git#github.com/xxx/yyy.git, Your ~/.ssh/server-deploy-key will be used.
Another method is to use ssh-agent forwarding. In this method, you don't need to put your deploy key on the remote server. As long as it is on your local machine, and you have enabled ssh-agent forwarding, your remote server will have access to the key and will use it . There is a nice article on github explaining this.
Related
now I long to build a private git server myself by gitea and use SourceTree as a git GUI (on Windows)
Current situation & steps:
1.I've already set up a host with gitea, and create a repos here.
2.I used SourceTree (putty) to create a public SSH key and save the .ppk file.
3.Adding this SSH on gitea page (something might be wrong because there is a verification button)
4.Using Pageant.exe on client to add key
5.Using SourceTree and try to clone the new repos by SSH
6.However, SourceTree on Client can not recognize the url
note:
1.both two computers connect to Local Area Network
2.opening port:3000 on host is done, and using "telnet HOSTNAME 3000" on client is successful
3.error message when using git command is here
Is there any step I did wrong?
I have a school and a personal Github, so I made an SSH key for my personal account and linked it up. It always works only once, then gives me
Push Failed
Git#github.com: Permission denied (publickey). Could not read from remote repository. Please make sure you have the correct access rights and the repository exists.
It works fine again after I delete the old SSH and make a new one, but this is obviously a huge hassle. I am on Windows 10, using Git Bash, and IDE is IntelliJ.
Any ideas? Thanks.
I solved this problem in the following way:
1.Create a file named config in the path $USER_HOME/.ssh/, then add following content.
# For school account
Host school_github
HostName github.com
PreferredAuthentications publickey
IdentityFile ~/.ssh/id_rsa_school
# For personal account
Host personal_github
HostName github.com
PreferredAuthentications publickey
IdentityFile ~/.ssh/id_rsa_personal
2.Run following command using git bash:
Change your school github repository configuration
git remote rm origin
git remote add origin git#school_github:your_github_username/your_repo_name.git
You can hava a try.
You don't need to create SSH keys for each git service just upload the same public key to both personal and school accounts and it will work.
SSH public key is tied to you local account you have generate SSH keys only if you are using different local(machine) account or different machine
Seems to me like when you try to authenticate, you are probably not using your keys.
If you run the command
ssh-add -l
You (should) see a list of all your keys. Each time you start a new session, make sure to start up the agent and add your keys.
eval `ssh-agent`
ssh-add ~/.ssh/id_rsa
I looked several answers and forums for a solution but I could not find a single one that works.
I have this scenario:
Eclipse Luna Service Release 2 (4.4.2)
Ubuntu 14.04 x64
Two ssh keys on my ~/.ssh folder
Two bitbucket accounts (one for personal projects and one for enterprise)
A git repository only accessible with my primary key (~/.ssh/id_rsa)
A git repository only accessible with my secondary key (~/.ssh/other)
I created a ~/.ssh/config file with the contents:
Host bitbucket bitbucket.org
Hostname bitbucket.org
IdentityFile ~/.ssh/id_rsa
IdentityFile ~/.ssh/other
User git
And for the sake of sanity I added the second key using ssh-add as well. Running ssh-add -l lists both keys.
When using the command line, all git commands work like a charm, with both repositories. But when using Eclipse, I always get the Invalid remote: origin error when trying to clone or pull from the repository with the secondary key:
Caused by: org.eclipse.jgit.errors.NoRemoteRepositoryException: git#bitbucket.org:myuser/myrepository.git: conq: repository access denied.
I added the secondary key at Window > Preferences > Network Connections > SSH2 > Private keys, and set the GIT_SSH environment variable to point to my ssh executable:
$echo $GIT_SSH
/usr/bin/ssh
I've restarted Eclipse and even the OS several times, with no luck.
Since I can use git from the command line without problems, I tend to believe there's something wrong with Eclipse.
How to use multiple Git SSH keys on Eclipse? Or how to force Eclipse to use my secondary key on a single project?
Host bitbucket bitbucket.org? You don't declare multiple entry names on one Host section.
I would expect to see in a ssh config file declaring multiple keys:
Host bitbucketuserA
Hostname bitbucket.org
IdentityFile ~/.ssh/id_rsa
User git
Host bitbucketuserB
Hostname bitbucket.org
IdentityFile ~/.ssh/other
User git
And you would use ssh url like
bitbucketuserA:userA/myrepo1
bitbucketuserB:userB/myrepo2
(this is similar to what I suggested for "How to work on personal GitHub repo from office computer whose SSH key is already added to a work related GitHub account?")
Anybody has any problems deploying with Laravel's envoy when using private Github repos?
When manually cloning my repo from the production server, the ssh key seems to be accessible but when using Envoy, I always get a "Permission denied (publickey) error.
Thanks
It is probably because the ssh key on your remote server requires a password.
If you change the Envoy.blade.php to perform some other task you should be able to establish whether you are connecting to your remote correctly.
#servers(['web' => 'user#domain.com'])
#task('deploy')
cd /path/to/site
git status
#endtask
Should return something like:
[user#domain.com]: On branch master
Your branch is up-to-date with 'origin/master'.
nothing to commit, working directory clean
If you are connecting using a Mac or Linux you probably don't have to enter your password because your terminal is using ssh-agent which silently handles your authentication.
Wikipedia article on ssh-agent
When connecting over ssh, ssh-agent isn't running and the script is being prompted for a password which is where it is failing.
To get around this you could to generate a new key on the remote machine that doesn't use a password.
If you want to restrict the ssh key to a single repository on GitHub have a look at deploy keys
You need to pass the -A (as per the man page it - Enables forwarding of the authentication agent connection. This can also be specified on a per-host basis in a configuration file) in you ssh string.
You will also need add your ssh key for agent forwarding (on the machine which can access the git remote which I assume be your localhost)
ssh-add -K ~/.ssh/your_private_key
Something like this
#servers(['web' => '-A user#domain.com'])
#task('deploy')
cd /path/to/site
git status
#endtask
Git remote commands should now work.
I have a dockerfile, a .sh file, a nginx config file and the private keys. But on a clean server how to add those files for the first time (before making the docker image) to the server?
Should I FTP and put those files there?
Should I git pull my project? // but I still need the keys or I can use password
What you do?
I'm not using digital ocean, and I would not like to have a private paid docker repo like https://registry.hub.docker.com/plans/
You use a physical server or a vps ?
If you can ssh to your server, add files have so many ways.
1.The most easy way is use sftp (you can find some sftp client to do this or use ftp command line tools), only need your ssh login permission, and you can upload these file to your user home directory.
2.The other way is use scp, command like:
scp YOUR_FILE username#ipaddressORhostname:/home/username/
this also only need your ssh login permission
git or ftp is not a good way to push files fisrt time to server.
Most git remotes repos (GitHub, GitLab etc) will support a https access mechanism, the data is encrypted in transit much like sftp and ssh. you'll get a password challenge. No keys...
git remote add myHttpsRemote https://my/foo/bar/project.git
git pull myHttpsRemote [branch]