GitHub/GitLab SSH key based authentication: Difference between revisions
mNo edit summary |
m (→References) |
||
| (9 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
<noinclude><!--[[Category:DevOps_and_SRE|?]]-->{{ContentArticleHeader/DevOps_and_SRE}}</noinclude> | <noinclude><!--[[Category:DevOps_and_SRE|?]]-->{{ContentArticleHeader/DevOps_and_SRE}}</noinclude> | ||
This article is based on the answer of mine under the question [https://askubuntu.com/a/1097078/566421 ''How do I setup SSH key based authentication for GitHub?''] at Ask Ubuntu. Here is short manual how to setup SSH key based authentication for GitHub and how to use it. | This article is based on the answer of mine under the question [https://askubuntu.com/a/1097078/566421 ''How do I setup SSH key based authentication for GitHub?''] at Ask Ubuntu. Here is short manual how to setup SSH key based authentication for '''GitHub'''/'''GitLab''' and how to use it. Note the process for the both Git providers GitHub and GitLab is identical. | ||
==Setup SSH key based authentication for GitHub== | The example below is given for GitHub, if you want to do the same setup for GitLab just ''replace every occurrence'' of <code>github</code> with <code>gitlab</code> . | ||
==Setup SSH key based authentication for GitHub/GitLab== | |||
'''1.''' Install the <code>openssh-client</code> if it is not already installed, and of course <code>git</code>:<syntaxhighlight lang="shell" line="1"> | '''1.''' Install the <code>openssh-client</code> if it is not already installed, and of course <code>git</code>:<syntaxhighlight lang="shell" line="1"> | ||
| Line 61: | Line 63: | ||
== References == | == References == | ||
*[https://gist.github.com/developius/c81f021eb5c5916013dc | *GitHub Developius' Gist: [https://gist.github.com/developius/c81f021eb5c5916013dc Setup SSH keys for use with GitHub/GitLab/BitBucket etc] | ||
*Information Security: [https://security.stackexchange.com/questions/90077/ssh-key-ed25519-vs-rsa SSH Key: Ed25519 vs RSA] | *Information Security: [https://security.stackexchange.com/questions/90077/ssh-key-ed25519-vs-rsa SSH Key: Ed25519 vs RSA] | ||
* Information Security: [https://security.stackexchange.com/questions/101044/is-it-bad-that-my-ed25519-key-is-so-short-compared-to-a-rsa-key Is it bad that my ed25519 key is so short compared to a RSA key?] | * Information Security: [https://security.stackexchange.com/questions/101044/is-it-bad-that-my-ed25519-key-is-so-short-compared-to-a-rsa-key Is it bad that my ed25519 key is so short compared to a RSA key?] | ||
* Risan Bagja: [https://medium.com/risan/upgrade-your-ssh-key-to-ed25519-c6e8d60d3c54 Upgrade Your SSH Key to Ed25519] | * Risan Bagja: [https://medium.com/risan/upgrade-your-ssh-key-to-ed25519-c6e8d60d3c54 Upgrade Your SSH Key to Ed25519] | ||
* Cryptsus Blog: [https://cryptsus.com/blog/how-to-secure-your-ssh-server-with-public-key-elliptic-curve-ed25519-crypto.html How to secure your SSH server with public key Ed25519 Elliptic Curve Cryptography] | * Cryptsus Blog: [https://cryptsus.com/blog/how-to-secure-your-ssh-server-with-public-key-elliptic-curve-ed25519-crypto.html How to secure your SSH server with public key Ed25519 Elliptic Curve Cryptography] | ||
* For AWS: [https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-ssh-unixes.html?icmpid=docs_acc_console_connect Setup steps for SSH connections to AWS CodeCommit repositories on Linux, macOS, or Unix] | |||
<noinclude> | <noinclude> | ||
| Line 71: | Line 74: | ||
{{devStage | {{devStage | ||
| Прндл = DevOps and SRE | | Прндл = DevOps and SRE | ||
| Стадий = | | Стадий = 6 | ||
| Фаза = | | Фаза = Утвърждаване | ||
| Статус = | | Статус = Утвърден | ||
| ИдтПт = Spas | | ИдтПт = Spas | ||
| РзбПт = | | РзбПт = Spas | ||
| АвтПт = Spas | | АвтПт = Spas | ||
| УтвПт = | | УтвПт = {{REVISIONUSER}} | ||
| ИдтДт = 5.07.2022 | | ИдтДт = 5.07.2022 | ||
| РзбДт = | | РзбДт = 19.02.2023 | ||
| АвтДт = | | АвтДт = 19.02.2023 | ||
| УтвДт = | | УтвДт = {{Today}} | ||
| ИдтРв = [[Special:Permalink/27696|27696]] | | ИдтРв = [[Special:Permalink/27696|27696]] | ||
| РзбРв = | | РзбРв = [[Special:Permalink/32288|32288]] | ||
| АвтРв = | | АвтРв = [[Special:Permalink/32298|32298]] | ||
| РзАРв = [[Special:Permalink/ | | РзАРв = [[Special:Permalink/31170|31170]] | ||
| УтвРв = | | УтвРв = {{REVISIONID}} | ||
| РзУРв = [[Special:Permalink/ | | РзУРв = [[Special:Permalink/31172|31172]] | ||
}} | }} | ||
</div> | </div> | ||
</noinclude> | </noinclude> | ||
Latest revision as of 17:44, 24 January 2024
This article is based on the answer of mine under the question How do I setup SSH key based authentication for GitHub? at Ask Ubuntu. Here is short manual how to setup SSH key based authentication for GitHub/GitLab and how to use it. Note the process for the both Git providers GitHub and GitLab is identical.
The example below is given for GitHub, if you want to do the same setup for GitLab just replace every occurrence of github with gitlab .
Setup SSH key based authentication for GitHub/GitLab
1. Install the openssh-client if it is not already installed, and of course git:
sudo apt update && sudo apt install -y openssh-client git
2. Create user's SSH directory and a sub directory where your dedicated GitHub SSH key will be stored:
mkdir -p -m 700 ~/.ssh/github
- The option
-m 700is equivalent tochmod 700 ~/.ssh ~/.ssh/github.
3. Generate the SSH key (the output key will have octal permissions 600):
ssh-keygen -t ed25519 -C 'your@email.com' -f ~/.ssh/github/id_ed25519 -q -N ''
-q– silence ssh-keygen;-N ''– empty (without) passphrase, you can assign one if you want. If it is passphrase protected key, you can add-a 256(default is 16) to increase the security of the passphrase by decreasing its verification.
4. Copy the content of the file id_ed25519.pub, use the following command to output it:
cat ~/.ssh/github/id_ed25519.pub
5. Go to your GitHub account and follow these steps:
- From the drop-down menu in upper right corner select Settings.
- Then from the menu at the left side select SSH and GPG keys.
- Click on the New SSH Key button.
- Type some meaningful for a Title and paste the content of
~/.ssh/github/id_ed25519.pubin the field Key. - Then click on the Add SSH Key button.
6. Create the ~/.ssh/config file, if it doesn't already exist:
touch ~/.ssh/config
chmod 600 ~/.ssh/config
Edit the config file and add the following entry for the new SSH key:
Host github.com
IdentityFile ~/.ssh/github/id_ed25519
7. Test the setup. Use the following command:
ssh -T git@github.com
On the question – Are you sure you want to continue connecting (yes/no)? – answer with yes. If everything went well you should receive a greeting message like this:
Hi pa4080! You've successfully authenticated, ...
How to use Git with SSH key
1. If you have already cloned repository through HTTPS, by using a command as these:
git clone https://github.com/username/repository-name.git
git clone git://github.com/username/repository-name
Go inside the repository's directory and execute the next command to allow work via SSH:
git remote set-url origin git@github.com:username/repository-name.git
2. Direct clone a repository via SSH:
git clone git@github.com:username/repository-name.git
3. In addition if you are using VSC it will work without problems with this setup. For already cloned repositories just use the Open Folder option and all VSC Git features will work.
References
- GitHub Developius' Gist: Setup SSH keys for use with GitHub/GitLab/BitBucket etc
- Information Security: SSH Key: Ed25519 vs RSA
- Information Security: Is it bad that my ed25519 key is so short compared to a RSA key?
- Risan Bagja: Upgrade Your SSH Key to Ed25519
- Cryptsus Blog: How to secure your SSH server with public key Ed25519 Elliptic Curve Cryptography
- For AWS: Setup steps for SSH connections to AWS CodeCommit repositories on Linux, macOS, or Unix
