GitHub/GitLab SSH key based authentication: Difference between revisions

From WikiMLT
m (Стадий: 5 [Фаза:Утвърждаване, Статус:Авторизиран]; Категория:DevOps and SRE)
 
(One intermediate revision by the same user not shown)
Line 68: Line 68:
* Risan Bagja: [https://medium.com/risan/upgrade-your-ssh-key-to-ed25519-c6e8d60d3c54 Upgrade Your SSH Key to Ed25519]
* Risan Bagja: [https://medium.com/risan/upgrade-your-ssh-key-to-ed25519-c6e8d60d3c54 Upgrade Your SSH Key to Ed25519]
* Cryptsus Blog: [https://cryptsus.com/blog/how-to-secure-your-ssh-server-with-public-key-elliptic-curve-ed25519-crypto.html How to secure your SSH server with public key Ed25519 Elliptic Curve Cryptography]
* Cryptsus Blog: [https://cryptsus.com/blog/how-to-secure-your-ssh-server-with-public-key-elliptic-curve-ed25519-crypto.html How to secure your SSH server with public key Ed25519 Elliptic Curve Cryptography]
* For AWS: [https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-ssh-unixes.html?icmpid=docs_acc_console_connect Setup steps for SSH connections to AWS CodeCommit repositories on Linux, macOS, or Unix]


<noinclude>
<noinclude>
Line 73: Line 74:
{{devStage  
{{devStage  
  | Прндл  = DevOps and SRE
  | Прндл  = DevOps and SRE
  | Стадий = 5
  | Стадий = 6
  | Фаза  = Утвърждаване
  | Фаза  = Утвърждаване
  | Статус = Авторизиран
  | Статус = Утвърден
  | ИдтПт  = Spas
  | ИдтПт  = Spas
  | РзбПт  = Spas
  | РзбПт  = Spas

Latest revision as of 16:44, 24 January 2024

This ar­ti­cle is based on the an­swer of mine un­der the ques­tion How do I set­up SSH key based au­then­ti­ca­tion for GitHub? at Ask Ubun­tu. Here is short man­u­al how to set­up SSH key based au­then­ti­ca­tion for GitHub/Git­Lab and how to use it. Note the process for the both Git providers GitHub and Git­Lab is iden­ti­cal.

The ex­am­ple be­low is giv­en for GitHub, if you want to do the same set­up for Git­Lab just re­place every oc­cur­rence of github with git­lab .

Set­up SSH key based au­then­ti­ca­tion for GitHub/​​​GitLab

1. In­stall the openssh-client if it is not al­ready in­stalled, and of course git:

sudo apt update && sudo apt install -y openssh-client git

2. Cre­ate user's SSH di­rec­to­ry and a sub di­rec­to­ry where your ded­i­cat­ed GitHub SSH key will be stored:

mkdir -p -m 700 ~/.ssh/github
  • The op­tion -m 700 is equiv­a­lent to chmod 700 ~/.ssh ~/.ssh/github.

3. Gen­er­ate the SSH key (the out­put key will have oc­tal per­mis­sions 600):

ssh-keygen -t ed25519 -C 'your@email.com' -f ~/.ssh/github/id_ed25519 -q -N ''
  • -q – si­lence ssh-key­gen; -N '' – emp­ty (with­out) passphrase, you can as­sign one if you want. If it is passphrase pro­tect­ed key, you can add -a 256 (de­fault is 16) to in­crease the se­cu­ri­ty of the passphrase by de­creas­ing its ver­i­fi­ca­tion.

4. Copy the con­tent of the file id_ed25519.pub, use the fol­low­ing com­mand to out­put it:

cat ~/.ssh/github/id_ed25519.pub
Figure 1. Set­up SSH key with­in GitHub.

5. Go to your GitHub ac­count and fol­low these steps:

  • From the drop-down menu in up­per right cor­ner se­lect Set­tings.
  • Then from the menu at the left side se­lect SSH and GPG keys.
  • Click on the New SSH Key but­ton.
  • Type some mean­ing­ful for a Ti­tle and paste the con­tent of ~/.ssh/github/id_ed25519.pub in the field Key.
  • Then click on the Add SSH Key but­ton.

6. Cre­ate the ~/.ssh/con­fig file, if it doesn't al­ready ex­ist:

touch ~/.ssh/config 
chmod 600 ~/.ssh/config

Ed­it the con­fig file and add the fol­low­ing en­try for the new SSH key:

Host github.com 
    IdentityFile ~/.ssh/github/id_ed25519

7. Test the set­up. Use the fol­low­ing com­mand:

ssh -T git@github.com

On the ques­tion – Are you sure you want to con­tin­ue con­nect­ing (yes/​​​no)? – an­swer with yes. If every­thing went well you should re­ceive a greet­ing mes­sage like this:

Hi pa4080! You've successfully authenticated, ...

How to use Git with SSH key

1. If you have al­ready cloned repos­i­to­ry through HTTPS, by us­ing a com­mand as these:

git clone https://github.com/username/repository-name.git
git clone git://github.com/username/repository-name

Go in­side the repository's di­rec­to­ry and ex­e­cute the next com­mand to al­low work via SSH:

git remote set-url origin git@github.com:username/repository-name.git

2. Di­rect clone a repos­i­to­ry via SSH:

git clone git@github.com:username/repository-name.git

3. In ad­di­tion if you are us­ing VSC it will work with­out prob­lems with this set­up. For al­ready cloned repos­i­to­ries just use the Open Fold­er op­tion and all VSC Git fea­tures will work.

Ref­er­ences