I'm trying to configure a git repo in SmartGit through a SSH tunnel on Ubuntu 16.04.
I can't configure my private SSH key in SmartGit. I want to use the SmartGit SSH client but the Pereferences->Authentication don't allow me to add a key to use.
When I pull from the remote, I get a 'permission denied' error.
I found windows related topics but nothing on Linux distribs and nothing in SG documentation.
First, make sure to configure the System SSH client in the SmartGit preferences.
If you have ssh in your path, you can then export the GIT_SSH_COMMAND environment variable to instruct Git to use the ssh :command of your choice.
In your case, a command which would directly reference your private key
export GIT_SSH_COMMAND='ssh -i /path/to/private/key'
Then launch again SmartGit (for it to inherit that new environment variable), and try again your SSH tunnel.
Related
in my local dev windows machine I generated shh key using PuttyGen. I also pasted public key into gitlab ssh keys section so now are linked.
I can correcty use ssh now from my windows manchine but I want to use it also in my production server which uses ubuntu.
For example I wan to ssh clone a repository into my ubuntu machine, where and how should I add the ssh keys to my ubuntu server so I can link it with gitlab.
I used this tutorial to generate ssh keys in windows with Putty.
https://ourcodeworld.com/articles/read/1421/how-to-create-a-ssh-key-to-work-with-github-and-gitlab-using-puttygen-in-windows-10
How should I add the ssh keys to my Ubuntu server so I can link it with GitLab?
Ideally, you would create a dedicated key pair on your Ubuntu server, in order to be able to clone GitLab repositories.
On that Ubuntu server, go to your $HOME folder of your account 'user' (replace user by the actual user name you are login with on that server).
cd
# assuming you do not have a default key yet:
ssh-keygen -t rsa -P "" -f ~/.ssh/id_rsa
# copy ~/.ssh/id_rsa.pub to your GitLab account
# Check the key is working
ssh -Tv git#gitlab.com
# Use your key to clone repositories
git clone git#gitlab.com:me/myRepository
The setup is as follows:
remote private server far far away
remote private server has private gitlab instance on port XXXX
remote private server is configured to allow SSH sign-on via SSH key
gitlab instance on port XXXX of remote private server requires SSH key authentication using different SSH key
How can I clone that repository onto my local machine, and push/pull data remotely given that setup?
This is how I access it locally when I am not far, far away from remote private server:
git clone git#XXX.XXX.XX.X:REPODIR/repo_name.git
In this case, XXX.XXX.XX.X is the IP of the local git-lab instance on the remote network.
Is there anyway to tunnel into the remote network and access the gitlab instance by proxy (forgive me for using the word wrong likely).
Thank you.
Ok, mostly thanks to #o11c for this, although here are my findings that led me to be able to clone my repo remotely.
Disclaimer: ProxyJump (-J see ssh manpage) is the shorthand, more modern, version of this but I couldn't get it working -- if anyone wants to update with their implementation of ProxyJump that would be useful!
SSH into your remote account to the main server with port to your gitlab or other application instance, using your main identity (this can be in ~/.ssh or you can manually reference it with -i)
ssh -ND 3131 nkunes#XXX.XXX.1.146 -i ../../keys/XXX-ssh &
I then source this bash script in the shell I intend to run git commands (notice the ProxyCommand usage instead of ProxyJump, this is the old method of doing this yet it works well for me. also notice the 127.0.0.1:PORT should be swapped with your application's port)
alias ssh="ssh -o ProxyCommand='/usr/bin/nc -X 4 -x 127.0.0.1:3131 %h %p'"
export GIT_SSH=~/Desktop/XXX-eng/ssh-access/ssh-proxy.sh
export PRE_SSH_ALIAS_PROMPT="$PS1"
export PS1="<< SSH ALIAS >>$PS1"
Where ssh-proxy.sh is defined as follows: (again, swap the port out for your application, and possibly use ProxyJump if want modern implementation)
ssh -o ProxyCommand='/usr/bin/nc -X 4 -x 127.0.0.1:3131 %h %p' "$#"
Then, you can clone normally using:
git clone git#XXX.XXX.XX.X:REPODIR/repo_name.git
I have some Jenkins jobs defined using a Jenkins Pipeline Model Definition, which builds NPM projects. I use Docker containers to build these projects (using a common image with
just Node.js + npm + yarn).
The results of the builds are contained in the dist/ folder that I zipped using a zip pipeline command.
I want to copy this ZIP file to another server using SSH/SCP (with private key authentication). My private key is added to the Jenkins environment (credentials manager), but when I use Docker containers, an SSH connection cannot be established.
I tried to add agent { label 'master' } to use the master Jenkins node for file transfer, but it seems to create a clean workspace with new Git fetch, and without my built files.
After I tried the SSH Agent Plugin, I have this output:
Identity added: /srv/jenkins3/workspace/myjob-TFD#tmp/private_key_370451445598243031.key (rsa w/o comment)
[ssh-agent] Started.
[myjob-TFD] Running shell script
+ scp -r dist test#myremotehost:/var/www/xxx
$ docker exec bfda17664965b14281eef8670b34f83e0ff60218b04cfa56ba3c0ab23d94d035 env SSH_AGENT_PID=1424 SSH_AUTH_SOCK=/tmp/ssh-k658r0O76Yqb/agent.1419 ssh-agent -k
unset SSH_AUTH_SOCK;
unset SSH_AGENT_PID;
echo Agent pid 1424 killed;
[ssh-agent] Stopped.
Host key verification failed.
lost connection
How do I add a remote host as authorized?
I had a similar issue. I did not use the label 'master', and I identified that the file transfer works across slaves when I do it like this:
Step 1 - create SSH keys in a remote host server, include the key to authorized_keys
Step 2 - Create credential using SSH keys in Jenkins, use the private key from the remote host
Use the SSH agent plugin:
stage ('Deploy') {
steps{
sshagent(credentials : ['use-the-id-from-credential-generated-by-jenkins']) {
sh 'ssh -o StrictHostKeyChecking=no user#hostname.com uptime'
sh 'ssh -v user#hostname.com'
sh 'scp ./source/filename user#hostname.com:/remotehost/target'
}
}
}
Use the SSH agent plugin:
SSH Agent Plugin
SSH Agent Plugin
When using this plugin you can use the global credentials.
To add a remote host to known hosts and hopefully cope with your error try to manually ssh from the Jenkins host to the target host as the Jenkins user.
Get on the host where Jenkins is installed. Type
sudo su jenkins
Now use ssh or scp like
ssh username#server
You should be prompted like this:
The authenticity of host 'server (ip)' can't be established.
ECDSA key fingerprint is SHA256:some-weird-string.
Are you sure you want to continue connecting (yes/no)?
Type yes. The server will be permanently added as a known host. Don't even bother passing a password, just Ctrl + C and try running a Jenkins job.
Like #haschibaschi recommends, I also use the ssh-agent plugin. I have a need to use my personal UID credentials on the remote machine, because it doesn't have any UID Jenkins account. The code looks like this (using, for example, my personal UID="myuid" and remote server hostname="non_jenkins_svr":
sshagent(['e4fbd939-914a-41ed-92d9-8eededfb9243']) {
// 'myuid#' required for scp (this is from UID jenkins to UID myuid)
sh "scp $WORKSPACE/example.txt myuid#non_jenkins_svr:${dest_dir}"
}
The ID e4fbd939-914a-41ed-92d9-8eededfb9243 was generated by the Jenkins credentials manager after I created a global domain credentials entry.
After creating the credentials entry, the ID is found under the "ID" column on the credentials page. When creating the entry, I selected type 'SSH Username with private key' ('Kind' field), and copied the RSA private key I had created for this purpose under the myuid account on host non_jenkins_svr without a passphrase.
Unable to find clear instructions, and other questions have Windows answers.
Under hosting provider I have toggled 'Use SSH instead of HTTPS to access repositories':
gitlab smartgit
And I have configured smartgit as SSH client:
smartgit ssh client
I have my ssh key in the right folder: /home/user/.ssh/id_rsa_4096_gitlab
When cloning smartgit still asks me for http authentication. So my questions are:
How can I clone a private repository using SmartGit as a SSH client on linux?
At what point is smartgit going to ask me what ssh key to use?
Or what name should I give my ssh key so smartgit recognizes it?
I forgot that I had to add the ssh:// version of the url, once I did, smartgit asked me for the SSH key location and everything works now.
My main development box uses Linux Mint.
When I am physically at the computer I can do remote operations like git fetch with no problem.
The user I log-in as is "jonbri".
> whoami
jonbri
In ~/.ssh (/home/jonbri/.ssh) is my private key (/home/jonbri/.ssh/jonbri) and public key (/home/jonbri/.ssh/jonbri.pub).
But when I am at another computer, for example another Linux Mint computer, and on the command-line I open a ssh remote shell to my main computer, when I try operations such as git fetch, it looks like the keys in ~/.ssh are not being picked up.
Here's what I see (with pwd being the root of the git repo):
> git fetch
Password:
Then, even no matter which password I enter it doesn't work.
To enable the ability to open a remote ssh shell I used apt-get to install open-ssh-server and open-ssh-client.
Any ideas why my keys aren't being picked up when inside a remote ssh shell.
SSH is likely expecting the standard names of id_dsa for your private key and id_dsa.pub for your public key.
From the github documentation:
Check the directory listing to see if you already have a public SSH key.
The default public key file names are:
id_dsa.pub
id_ecdsa.pub
id_ed25519.pub
id_rsa.pub