Git generate ssh keys linux

Generating a new SSH key and adding it to the ssh-agent

After you’ve checked for existing SSH keys, you can generate a new SSH key to use for authentication, then add it to the ssh-agent.

About SSH key passphrases

You can access and write data in repositories on GitHub AE using SSH (Secure Shell Protocol). When you connect via SSH, you authenticate using a private key file on your local machine. For more information, see «About SSH.»

When you generate an SSH key, you can add a passphrase to further secure the key. Whenever you use the key, you must enter the passphrase. If your key has a passphrase and you don’t want to enter the passphrase every time you use the key, you can add your key to the SSH agent. The SSH agent manages your SSH keys and remembers your passphrase.

If you don’t already have an SSH key, you must generate a new SSH key to use for authentication. If you’re unsure whether you already have an SSH key, you can check for existing keys. For more information, see «Checking for existing SSH keys.»

If you want to use a hardware security key to authenticate to GitHub AE, you must generate a new SSH key for your hardware security key. You must connect your hardware security key to your computer when you authenticate with the key pair. For more information, see the OpenSSH 8.2 release notes.

Generating a new SSH key

You can generate a new SSH key on your local machine. After you generate the key, you can add the public key to your account on GitHub AE to enable authentication for Git operations over SSH.

  1. Open Terminal Terminal Git Bash .
  2. Paste the text below, substituting in your GitHub AE email address.
ssh-keygen -t rsa -b 4096 -C "your_email@example.com" ssh-keygen -t rsa -b 4096 -C "your_email@example.com" 
> Generating public/private ALGORITHM key pair.

When you’re prompted to «Enter a file in which to save the key», you can press Enter to accept the default file location. Please note that if you created SSH keys previously, ssh-keygen may ask you to rewrite another key, in which case we recommend creating a custom-named SSH key. To do so, type the default file location and replace id_ssh_keyname with your custom key name.

> Enter a file in which to save the key (/Users/YOU/.ssh/id_ALGORITHM): [Press enter]
> Enter a file in which to save the key (/c/Users/YOU/.ssh/id_ALGORITHM):[Press enter]
> Enter a file in which to save the key (/home/YOU/.ssh/ALGORITHM):[Press enter]
> Enter passphrase (empty for no passphrase): [Type a passphrase] > Enter same passphrase again: [Type passphrase again]

Adding your SSH key to the ssh-agent

Before adding a new SSH key to the ssh-agent to manage your keys, you should have checked for existing SSH keys and generated a new SSH key. When adding your SSH key to the agent, use the default macOS ssh-add command, and not an application installed by macports, homebrew, or some other external source.

$ eval "$(ssh-agent -s)" > Agent pid 59566
$ open ~/.ssh/config > The file /Users/YOU/.ssh/config does not exist.
Host HOSTNAME AddKeysToAgent yes UseKeychain yes IdentityFile ~/.ssh/id_ecdsa 
  • If you chose not to add a passphrase to your key, you should omit the UseKeychain line.
  • If you see a Bad configuration option: usekeychain error, add an additional line to the configuration’s’ Host *.HOSTNAME section.
Host HOSTNAME IgnoreUnknown UseKeychain 
ssh-add --apple-use-keychain ~/.ssh/id_rsa

Note: The —apple-use-keychain option stores the passphrase in your keychain for you when you add an SSH key to the ssh-agent. If you chose not to add a passphrase to your key, run the command without the —apple-use-keychain option. The —apple-use-keychain option is in Apple’s standard version of ssh-add . In MacOS versions prior to Monterey (12.0), the —apple-use-keychain and —apple-load-keychain flags used the syntax -K and -A , respectively. If you don’t have Apple’s standard version of ssh-add installed, you may receive an error. For more information, see «Error: ssh-add: illegal option — K.» If you continue to be prompted for your passphrase, you may need to add the command to your ~/.zshrc file (or your ~/.bashrc file for bash).

If you have GitHub Desktop installed, you can use it to clone repositories and not deal with SSH keys.

    Ensure the ssh-agent is running. You can use the «Auto-launching the ssh-agent» instructions in «Working with SSH key passphrases», or start it manually:

# start the ssh-agent in the background $ eval "$(ssh-agent -s)" > Agent pid 59566
$ eval "$(ssh-agent -s)" > Agent pid 59566

Generating a new SSH key for a hardware security key

If you are using macOS or Linux, you may need to update your SSH client or install a new SSH client prior to generating a new SSH key. For more information, see «Error: Unknown key type.»

  1. Insert your hardware security key into your computer.
  2. Open Terminal Terminal Git Bash .
  3. Paste the text below, substituting in the email address for your account on GitHub AE.
ssh-keygen -t ecdsa-sk -C "YOUR_EMAIL"
> Enter a file in which to save the key (/Users/YOU/.ssh/id_ecdsa_sk): [Press enter]
> Enter a file in which to save the key (/c/Users/YOU/.ssh/id_ecdsa_sk):[Press enter]
> Enter a file in which to save the key (/home/YOU/.ssh/id_ecdsa_sk):[Press enter]
> Enter passphrase (empty for no passphrase): [Type a passphrase] > Enter same passphrase again: [Type passphrase again]

Help and support

Help us make these docs great!

All GitHub docs are open source. See something that’s wrong or unclear? Submit a pull request.

Источник

4.3 Git на сервере — Генерация открытого SSH ключа

Как отмечалось ранее, многие Git-серверы используют аутентификацию по открытым SSH-ключам. Для того чтобы предоставить открытый ключ, каждый пользователь в системе должен его сгенерировать, если только этого уже не было сделано ранее. Этот процесс аналогичен во всех операционных системах. Сначала вам стоит убедиться, что у вас ещё нет ключа. По умолчанию пользовательские SSH ключи сохраняются в каталоге ~/.ssh домашнем каталоге пользователя. Вы можете легко проверить наличие ключа перейдя в этот каталог и посмотрев его содержимое:

$ cd ~/.ssh $ ls authorized_keys2 id_dsa known_hosts config id_dsa.pub

Ищите файл с именем id_dsa или id_rsa и соответствующий ему файл с расширением .pub . Файл с расширением .pub — это ваш открытый ключ, а второй файл — ваш приватный ключ. Если указанные файлы у вас отсутствуют (или даже нет каталога .ssh ), вы можете создать их используя программу ssh-keygen , которая входит в состав пакета SSH в системах Linux/Mac, а для Windows поставляется вместе с Git:

$ ssh-keygen -o Generating public/private rsa key pair. Enter file in which to save the key (/home/schacon/.ssh/id_rsa): Created directory '/home/schacon/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/schacon/.ssh/id_rsa. Your public key has been saved in /home/schacon/.ssh/id_rsa.pub. The key fingerprint is: d0:82:24:8e:d7:f1:bb:9b:33:53:96:93:49:da:9b:e3 schacon@mylaptop.local

Сначала программа попросит указать расположение файла для сохранения ключа ( .ssh/id_rsa ), затем дважды ввести пароль для шифрования. Если вы не хотите вводить пароль каждый раз при использовании ключа, то можете оставить его пустым или использовать программу ssh-agent . Если вы решили использовать пароль для приватного ключа, то настоятельно рекомендуется использовать опцию -o , которая позволяет сохранить ключ в формате, более устойчивом ко взлому методом подбора, чем стандартный формат.

Теперь каждый пользователь должен отправить свой открытый ключ вам или тому, кто администрирует Git-сервер (подразумевается, что ваш SSH-сервер уже настроен на работу с открытыми ключами). Для этого достаточно скопировать содержимое файла с расширением .pub и отправить его по электронной почте. Открытый ключ выглядит примерно так:

$ cat ~/.ssh/id_rsa.pub ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAklOUpkDHrfHY17SbrmTIpNLTGK9Tjom/BWDSU GPl+nafzlHDTYW7hdI4yZ5ew18JH4JW9jbhUFrviQzM7xlELEVf4h9lFX5QVkbPppSwg0cda3 Pbv7kOdJ/MTyBlWXFCR+HAo3FXRitBqxiX1nKhXpHAZsMciLq8V6RjsNAQwdsdMFvSlVK/7XA t3FaoJoAsncM1Q9x5+3V0Ww68/eIFmb1zuUFljQJKprrX88XypNDvjYNby6vw/Pb0rwert/En mZ+AW4OZPnTPI89ZPmVMLuayrD2cE86Z/il8b+gw3r3+1nKatmIkjn2so1d01QraTlMqVSsbx NrRFi9wrf+M7Q== schacon@mylaptop.local

Более подробное руководство по созданию SSH-ключей и конфигурации клиента на различных системах вы можете найти в руководстве GitHub.

Источник

How to Generate SSH key for Git

A SSH key is considered an access credential for the secure shell ( SSH ) network protocol. It is an encrypted and authenticated secure network protocol, applied for remote communication between machines operating on an unsecured network. This snippet will help you to find the kbd >SSH key on your PC if it exists, generate a new SSH key and learn how to add it to your ssh-agent or your GitHub/Bitbucket account .

Checking PC’s SSH Keys

You can do that by following the steps below. Type ls -al ~/.ssh so as to see your ssh keys:

By default, the filename of the public key is one of the following:

id_ecdsa.pub id_ed25519.pub id_rsa.pub

Generate a new SSH key

If you don’t have an SSH key , you should create it. Now let’s generate a new SSH key step by step.

Type the command below, using your GitHub’s account email:

ssh-keygen -t rsa -b 4096 -C "[your github's email]"

After running this command, you will be offered to set the SSH key path, but we recommend you to use its default value by pressing the «Enter» button.

> Enter a file in which to save the key (/Users/you/.ssh/id_rsa): [Press enter]

After that it will offer you to insert a passphrase to protect your SSH key .

> Enter passphrase (empty for no passphrase): [Type a passphrase] > Enter same passphrase again: [Type passphrase again]

Adding an SSH key to the ssh-agent

Now, when you already have an SSH key , you can add it into the ssh-agent .

    Be sure ssh-agent is enabled:

If you changed the default path while generating an SSH key , now you need to mention that path instead of ~/.ssh/id_rsa .

How To Add SSH Key To GitHub/Bitbucket Account

Usually, repositories are private, and the developers are required to write a username and a password to take any actions related to the remote repository. Adding your SSH key to the GitHub/Bitbucket account helps the system to identify you and your are not asked to write your username and password each time.

Open your terminal and type the command below:

Now, it will print the SSH key in the terminal, so you can copy it.

How to Add SSH Key to the GitHub Account

  1. Log into your GitHub’s account. In the top right corner of any page, click your profile photo, then click Settings.
  2. In the user settings sidebar, click on SSH and GPG keys.
  3. Click on the New SSH key button.
  4. Type the title and your SSH key , and press the Add SSH key button.

How to Add SSH Key to the Bitbucket Account

  1. Log into your Bitbucket’s account. In the left bottom corner of any page, click your profile photo, then click Personal Settings.
  2. In the Personal settings sidebar, click on SSH keys.
  3. Click on the Add key button.
  4. Type the title and your Add key , and press the Add key button.

Now you have added your PC’s SSH key to your GitHub’s/Bitbucket’s account.

Why we need SSH key (for Linux and OSX)

SSH keys are an access credential used in SSH protocol (Secure Shell) which is a network protocol that helps to login from one computer to another securely, as well as to manage networks, operating systems, and configurations. If you use Git and want to clone anything from remote repositories, you have to choose one of these two ways: HTTPS or SSH. If you use HTTPS, you have to type your account access every time you communicate with the remote repository, or change your configs and fill your account data (access). Another modern way is to use the SSH authentication method. It is used in many Version Control Systems to have command line access into your servers, etc. SSH key pairs can be used for authentication instead of passwords. Each key pair consists of a private key and a corresponding public key. When you use SSH key for Git, you inform Git that this PC is authenticated for that GitHub account, and it will never ask you about any access again because you have already given it your SSH key.

Источник

Читайте также:  Linux software and hosting
Оцените статью
Adblock
detector