I have two repositories on one machine on the same account on Github. I've added an ssh key to my account and pushing to repository A succeeds but I can't push to repository B. SSH keys on github aren't associated to specific repos iirc.
A little research has led me to find out that I need two different keys. How do I edit my config file so that git uses the correct key when pushing to the second repo?
I got to the solution by modifying the .ssh/config file to append this
Host repo2.github.com
User git
Port 22
Hostname github.com
IdentityFile ~/.ssh/id_rsa2
TCPKeepAlive yes
IdentitiesOnly yes
UserKnownHostsFile /dev/null
StrictHostKeyChecking no
and then adding by appending the following in the .git/config file
[remote "origin"]
url = git#repo2.github.com:[Username]/G2-FrontEnd.git
fetch = +refs/heads/*:refs/remotes/origin/*
Related
I am setting up my ssh config for 2 different accounts in gitlab.
Host gitlab.com-roulette
HostName gitlab.com
User norayr.ghukasian
IdentityFile /home/norayr_ghukasyan/.ssh/id_ed25519_roulette
Host gitlab.com-devlix
HostName gitlab.com
User norayr.ghukasyan
IdentityFile /home/norayr_ghukasyan/.ssh/id_ed25519_devlix
I am getting a Permission denied error.
The strange thing for me is that the first one is working fine, therefore I think there is some tiny issue in my config that I am not aware of. I guess when the user or the server tries to connect, ssh automatically matches the first config with matched HostName.
How do I set up it properly to work for both of the accounts?
P.S. The Users are different - norayr.ghukasian and norayr.ghukasyan.
Following Use difference accounts on a single GitLab instance you would setup your configuration like so:
Host norayr.ghukasian.gitlab.com
Hostname gitlab.com
PreferredAuthentications publickey
User git
IdentityFile /home/norayr_ghukasyan/.ssh/id_ed25519_roulette
Host norayr.ghukasyan.gitlab.com
Hostname gitlab.com
PreferredAuthentications publickey
User git
IdentityFile /home/norayr_ghukasyan/.ssh/id_ed25519_devlix
Then to clone a repo as norayr.ghukasian user:
git clone git#norayr.ghukasian.gitlab.com:gitlab-org/gitlab.git
Using the username as the alias is not absolutely necessary. You can use a different alias if you wish and set it in the Host section of your ssh config.
Key takeaways:
The only thing that you need to tell GitLab who you are is the IdentityFile.
You can direct git/ssh to use a specific identity file by the alias you use for the host configured in the ssh config.
Dear StackOverflow community,
I created ssh-keys following this (https://gitlab.com/help/ssh/README) instruction. I added the ED25519 SSH key pair to the GitLab profile on the webpage and if I do ssh -T git#gitlab.com I do obtain the message Welcome to GitLab, #username!, so that far it seems to work.
However, I want to git push and git pull from my local repository to GitLab without typing my password every time. As far as I understand the SSH-keys, that should be exactly the thing they do, right?
EDIT:
my .ssh/config contains:
Host machine
User username
HostName machine.webside.com
The .gitconfig contains:
[user]
name = John Doe
email = john.doe#email.com
and the .git/config contains:
[core]
repositoryformatversion = 0
filemode = true
bare = false
logallrefupdates = true
[remote "origin"]
url = https://gitlab.com/johndoe/projectname.git
fetch = +refs/heads/*:refs/remotes/origin/*
[branch "master"]
remote = origin
merge = refs/heads/master
[branch "branch1"]
remote = origin
merge = refs/heads/branch1
[branch "branch2"]
remote = origin
merge = refs/heads/branch2
Your .git/config shows that your repository is accessed over HTTPS, therefore using username and password authentication.
If you want to switch to ssh, you also have to change your local GIT configuration, in addition to adding an SSH key.
GitHub has a very detailed tutorial about changing your GIT remote URL from a HTTPS to a SSH one: https://help.github.com/en/articles/changing-a-remotes-url#switching-remote-urls-from-https-to-ssh
The steps described there are also applicable for GitLab, except that your remote URL will be something like git#gitlab.com:<repo-url.git> instead of git#github.com:<repo-url>.git
More or less, you just have to use git remote set-url origin.
When I try to clone the repository in Linux machine I am facing the below issue
-bash-4.1$ git clone
ssh://xxxxx#alm.oraclecorp.com:2222/epm_pbcs_15318/pbcs.git
Initialized empty Git repository in /home/xxxx/testgit/pbcs/.git/
Permission denied (keyboard-interactive,publickey).
fatal: The remote end hung up unexpectedly
Note:- I have added public ssh key in the repository
I have generated a key in my Linux machine using
ssh-keygen -t rsa -C "email#gmail.com"
and later on, copied the public key to alm where the GIT is hosted.
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAwVM4haHIEOk6P7+h4xEDyZBrGjSLx53jNFE1AqMNWnPKWwxpGX5w4l/B0WJpP7G9gLJaZPw9loSEDDr3mGx5bRi3D8k6EFgFMpctALJlKTHFW1x47A1Z+0h2GZUvL5WZj1ZXicvpbHRxX5B+FB8s+b2d3uvwVVl26lIK3f6K2iUiRePlUH/1TPBTk/kzxvDBZQCRQKxM4Zb13S7b9WJcxt85g3+jCIebDbAaswUmIeWicM+BREmcP75ZV6ZEF1cBB54TvMrygsTzJacQS6/IsobOaZpWM7iVXTnEGjFh8iKCA5VacMMEt+QR8kc/CGOm1ujcNFbK6hikp2CpSOo4wQ== email#gmail.co
Please help me if there is any way to fix it
I think your problem is that you are not using your private key to connect to that repository.
The easiest way to do it is by adding the following lines to either ~/.ssh/config or /etc/ssh/ssh_config, please be careful and add the lines at the beggining of the file, * configuration must be at the end of the /etc/ssh/ssh_config (if you use this file for configuration):
Host alm.oraclecorp.com
HashKnownHosts yes
GSSAPIAuthentication yes
GSSAPIDelegateCredentials no
IdentityFile YOUR_PRIVATE_KEY_LOCATION
Port 2222
User YOUR_USER
REMEMBER TO EDIT YOUR_PRIVATE_KEY_LOCATION AND YOUR_USER with your data
Let me know if this worked.
BR
I have successfully created gitolite-admin.git repo on server (say) 10.107.105.13. I can clone this repo on my local machine (say) 10.14.42.7 by issuing git clone gitolite#10.107.105.13:gitolite-admin. I had to add some lines in .ssh/config file to make sure that correct private key is used.
Then I have added a user dilawar to conf/gitolite.conf file and a appropriate key dilawar.pub to keys folder. I have added and commited this commit to the gitolite-admin repo. I have also added one more entry in .ssh/conf file so that a correct private key is used. But when I try to do git clone dilawar#10.107.105.13:testing, gitolite asks for the password. I am under the impression that I do not have to create user dilawar on 10.107.105.13. I have checked by logging into server that repository testing.git exists as well public-key dilawar.pub has been added to .ssh/authorized_keys.
I have also tried ssh -vvvv dilawar#10.107.105.13 to check if the correct file is being offered. Here is my .ssh/conf file.
HostName 10.107.105.13
User gitolite
IdentityFile ~/.ssh/gitolite
Host 10.107.105.13
HostName 10.107.105.13
User dilawar
IdentityFile ~/.ssh/id_rsa
What I am doing wrong?
In your config file, I see:
User dilawar
That is wrong. ssh communication to a gitolite server are always done with the same account (here gitolite).
What changes is the private key used, which will help gitolite determine your identity.
What you ~/.ssh/config file should look like is:
Host admin
HostName 10.107.105.13
User gitolite
IdentityFile ~/.ssh/gitolite
Host dilawar
HostName 10.107.105.13
User gitolite
IdentityFile ~/.ssh/id_rsa
For cloning gitolite-admin, you would use:
git clone admin:gitolite-admin
For cloning a repo dilawar has access to:
git clone dilawar:aRepo
See more at "Gitolite: adding user not working, and DENIED by fallthru when cloning as root?".
See also "how gitolite uses ssh"
Adding your public key to the server's ~git/.ssh/authorized_keys file is how ssh uses pubkeys to authenticate users.
Let's say sita#work.station is trying to log in as git#server.
What you have to do is take the ~sita/.ssh/id_rsa.pub file for user sita on work-station and append its contents (remember it's only one line) to ~git/.ssh/authorized_keys for user git on server.
The authorized_keys file can have multiple public keys (from many different people) added to it so any of them can log in to git#server.
I have got it working by cloning the repository using the gitolite username.
git clone gitolite#server:repo
If keys are added successfully then further pull and push will go smoothly.
I am accepting VomC answer as a better answer.
VonC's answer is the key, but I ran into an edge case that's worth mentioning for future searchers.
Even if you do everything else right, as in VonC's answer, a somewhat standard setting for ControlPath can mess things up.
I had two users in ~/.ssh/config, as below:
Host gitolite
HostName <whatever>
User git
IdentityFile ~/.ssh/gitolite
Host username
HostName <whatever>
User git
IdentityFile ~/.ssh/username
In theory, this should have allowed me to run git clone git#username:reponame, but the server kept thinking that I was trying to clone the repo as the gitolite admin (who does not have permission to clone that repo), rather than as the gitolite user (who does have permission to clone the repo).
The problem was that in my all hosts section, I had the following:
Hosts *
# other stuff that doesn't matter
ControlPath ~/.ssh/ssh-%r#%h:%p
If you don't see it right away (I didn't!), the problem is that the expansions for %r#%h%p (= username#hostname:port) are identical for the gitolite and username entries. They're both git#hostname:port! Once I realized that, it was an easy fix. Simply add distinguishing elements into a more specific ControlPath entry for those two users. E.g.,
Host gitolite
HostName <whatever>
User git
IdentityFile ~/.ssh/gitolite
ControlPath ~/.ssh/gitolite-admin-%r#%h:%p
Host username
HostName <whatever>
User git
IdentityFile ~/.ssh/username
ControlPath ~/.ssh/gitolite-username-%r#%h:%p
I had to edit /etc/ssh/sshd_config and add git (the user) to the line which begins with AllowUsers.
Then I had to add git to a sysadmin group that was also allow on sshd_config's line that begins with AllowGroups.
Don't forget to restart the ssh daemon with sudo service ssh restart.
Note : I didn't have to ssh-copy-id or add the public key to /home/git/.ssh/authorized_keys as suggested before (gitolite's developer recommends against this btw.)
I had the same problem, with a different solution because of my config. I setup my gitolite user as “git” so I needed to do git clone git#server:repo.git
I create a deploy user, generate an ssh_key, I add id_rsa.pub as github deploy key.
this deploy user need pull 2 repo, so I add the same ssh_key to another repo as deploy key.
but github tell me, deploy key already in use.
and I don't know how add 2 id_rsa.pub for 1 user.
update:
I add id_rsa_assets additional, but I still cannot pull.
ssh-add .ssh/id_rsa_assets
Could not open a connection to your authentication agent.
.ssh/config
Host guardians
Hostname github.com
User git
IdentityFile ~/.ssh/id_rsa
Host assets
Hostname github.com
User git
IdentityFile ~/.ssh/id_rsa_assets
You can create two public/private keys with whatever name you want:
~/.ssh
repo1
repo1.pub
repo2
repo2.pub
config
(Ie it doesn't have to be named id_rsa(.pub) to work, provided you indicate ssh where to look.
That is where 'config' comes into play: the config file includes the name of your two connections for GitHub repo1 and GitHub repo2 with, for each connection, the path to your private repo key, as described in "change github account mac command line" and in "Quick Tip: How to Work with GitHub and Multiple Accounts":
Host githubRepo1
HostName github.com
User git
IdentityFile ~/.ssh/repo1
Host githubRepo2
HostName github.com
User git
IdentityFile ~/.ssh/repo2
That way you can pull from any of the two repos, as long as you are using their ssh addresses.