/workbook/markdown/03-SSH_Setup.md

http://github.com/matthewmccullough/git-workshop · Markdown · 40 lines · 25 code · 15 blank · 0 comment · 0 complexity · 465236f452694e68f3061d4485348e51 MD5 · raw file 

    

  1. # SSH Setup
    2. 

  2. 

  3. ## Setting up an SSH Key
    4. 

  4. This next step works with msysGit (Git for Windows) or on any *NIX system.
    5. 

  5. 

  6.     ssh-keygen -t rsa -C "yourname@yourcompany.com"
    7. 

  7.   
    8. 

  8. The `-t` flag is the algorithms used to create the key. The `-C` flag is the comment attached to the key. The comment can serve as a reminder of which system you use this with if you are going to generate more than one key pair to partition your Git SSH key from other SSH-authenticated systems and servers.
    9. 

  9.   
    10. 

  10. Other algorithms, like DSA, can also be used for SSH authentication and are compatible with Git, since Git is merely using the operating system's underlying SSH capabilities.
    11. 

    12. 

  12.     ssh-keygen -t dsa -C "yourname@yourcompany.com"
    13. 

  13. 

  14. Lengthier instructions for SSH key generation can be found at the [excellent GitHub page](http://help.github.com/msysgit-key-setup/).
    15. 

  15. 

  16. The decision whether or not to use a passphrase for your SSH keys can [also be found on GitHub](http://help.github.com/working-with-key-passphrases/).
    17. 

  17. 

  18. ## Sharing the Public portion of the Key
    19. 

  19. Most Git services use half of the key we just generated for authenticating instead of the typical username and password.  In security terms, SSH keys are quite a bit stronger than usernames.
    20. 

  20. 

  21. Keep the private half of the key (`id_rsa`) protected. Give away the public half (`id_rsa.pub`) liberally. You could even store it in a directory service if desired.
    22. 

  22. 

  23. ## Authorizing the key on another server
    24. 

  24. If you are in control of a server on which you'll be storing Git repos, you can authorize your account to automatically sign in. While logged in to the remote server, put the contents of a user's `id_rsa.pub` file on a single line (*absolutely no linebreaks!*) on a file named `~/.ssh/authorized_keys`.
    25. 

  25. 

  26. Similarly, key strings are copied-and-pasted to web based repositories like GitHub via the user interface. Copy the contents of `id_rsa.pub` to the clipboard and paste it into the appropriate textbox in the web UI of GitHub.
    27. 

  27. 

  28. ## Testing SSH
    29. 

  29. If you wish to test if you have passwordless (key authentication) working correctly, just SSH to the server. It will use your `id_rsa` and `id_rsa.pub` files automatically if they live in `~/.ssh/`. You should not see any prompt for a password.
    30. 

  30. 

  31.     ssh SERVERNAME
    32. 

  32. 

  33. In the case of a gitolite server, it will report your repository permissions before terminating.
    34. 

  34. 

  35.     hello mccm06, the gitolite version here is v1.5.5-68-g3cf2970
    36. 

  36.     the gitolite config gives you the following access:
    37. 

  37.          R   W 	gitolite-admin
    38. 

  38.         @R  @W 	testing
    39. 

  39.         @R   W 	testinglessaccess
    40. 

  40.     Connection to mybigserver closed.
    41.