I have a public-private ssh key pair (generated by ssh-keygen without a passphrase) and I use it with my bitbucket account, in particular with a mercurial repository.
Usually I add manually the private key in my home working pc, using ssh-add ~/.ssh/id_rsa. I'm searching a way to do this automatically at every boot. There are many tutorials but I still have some problems.
I have tried with:
Add the line ssh = ssh -i ~/.ssh/id_rsa -C in my ~/.hgrc mercurial settings file. This one doesn't work.
Create ~/.ssh/config ssh configuration file with the following content:
Host bitbucket-ssh
Hostname ssh://hg#bitbucket.org/...
IdentityFile ~/.ssh/id_rsa
The second one does not work too.
What I'm wrong with? Should I use a simple bash script running ssh-add at every boot?
Thanks in advance.
I know this question is old, but I couldn't find the (imho) correct answer in any of the related questions.
Don't add anything to any of your shell startup scripts, this is unnecessary hackery.
Instead, add
AddKeysToAgent yes
to your .ssh/config
Like this, ssh-add is run automatically the first time you ssh into another box. You only have to re-enter your key when it expires from ssh-agent or after you reboot.
If ssh-add ~/.ssh/id_rsa solves your problem when you call it from the commandline, just add it to your .bash_profile (or equivalent, if you don't use bash) and be done with it. It will get run whenever you log on.
Related
I am developing a script that will automatically keep a folder on two workstations synchronized using rsync. So far, I have gotten everything to work but I have one small thing I haven't figured out. Once, the rsync command is executed, it prompts for the password of the other workstation. However, I haven't been able to find a way to automatically enter that password once prompted in the terminal. I tried using the expect command, but that didn't work as the command didn't execute until after I enter the password.
Is there a solution to this?
Here is my script. I have two instances of the same VM, hence the same usernames
#!/bin/bash
LOCAL="/home/rams/Documents/"
RSYNC_OPTIONS="-avh --progress /home/rams/Documents/ rams#192.168.1.39:/home/rams/Downloads/"
PASSWORD="rams2020"
while true
do
inotifywait -e modify $LOCAL
rsync $RSYNC_OPTIONS
done
Solution shown here:
https://stackoverflow.com/a/3299970/8860865
TL;DR - Use an SSH keygen to generate a keyfile that will authenticate upon using the rsync command and the password is prompted. https://www.thegeekstuff.com/2008/11/3-steps-to-perform-ssh-login-without-password-using-ssh-keygen-ssh-copy-id/
I had to wipe out my Windows OS. I went to check if I had ab ssh still and there was none so I created one.
Went through the proper steps and even got the agent ID.
Now when I try and find the id/rsa/pub using bash it tells me no file or directory.
But I can find that ssh file using my file explorer.
Trying to get ssh keys to reload up to my GitHub and Heroku.
After searching stackoverflow I did find an article saying to run the command env|grep HOME and make sure HOMEDRIVE=C: was set to HOMEDRIVE=C:Users/Samson/ but mine is not.
If that is the correct fix how do i set HOMEDRIVE=C: = to Users/Samson/
I am on a Windows Machine
If that isn't the correct fix, I'm open to suggestions. I am extrememly green to this.
Problem
There are two problems in the attempt to display the ssh public key, shown in the screenshot:
No command is used, the file path is entered directly. The command cat may be used for this purpose.
The file path is incorrect: id_rsa/pub instead of id_rsa.pub.
Solution
In order to view the public key file content, try the following command in bash:
cat ~/.ssh/id_rsa.pub
Otherwise, you may simply open the file from windows explorer, using a text editor (e.g. notepad).
You have to generate key first
Use this command to generate key
ssh-keygen -t rsa -b 4096 -C "youremail#example.com"
Enter the above email which you have in you github.
And now press enter and then you key will generate, and you will be able to acquire you ssh key
This command --
ssh-keygen -t rsa -b 4096 -C "youremail#example.com"
I am on a Windows Machine
Its okay to be on a Windows machine, but you should run these commands from a Git Bash window and not a windows command prompt or an anaconda command prompt. That maybe your real problem.
how to run commands like ftp or sftp or scp in background? Also how to setup password less connection for running these command?
Look for manual pages for scp or rsync, which both can do this job well, if not being forced you don't want to use sftp or even the non encrypted ftp file transfer!
something like the following, for example:
rsync [some other parameters] -e ssh SOURCE TARGET
Assuming these commands are coming from a bash script , you would need to make sure that the two (or more ) systems have ssh certificates generated that allow you to access said systems without providing a "password" per se.
Briefly, you could do it by running this command on one system:
ssh-keygen
following through, this will generate a key. Then run:
ssh-copy-id user#some-remote-system
to copy it to the remote system, which will allow passwordless access, enabling scripts to go about their business without stalling for password prompts.
I'm configuring VIM to execute a rsync after saving a file, synchronizing my server with my dev laptop. It doesn't work because rsync prompts for my password, even if I've already set up a public key login. How to fix this?
If you are using ssh-connection with rsync, you can always set up a passwordless connection for it. [Here][1] are some nice tutorials. It can be done on windows too, via PuTTY, PLink, Pageant, etc. Read the docs.
Instead of using vim for this, how about using incron? It ships with most modern Linux distributions and will sync any changes, not just those you do in vim.
Explicitly define which ssh-key you are to use with ssh -i:
:nnoremap <expr> <D-s> ':w!<cr>' . ':!rsync -r -e ssh -i /home/user/.ssh/id_rsa ~/Folder/* user#my_ssh_server.com:~/Folder/ &<cr>' . ':!osascript ~/applescripts/chromereload.scpt &<cr>'
Or you could you try to set your shell variable to interactive, i.e. use ~/.bashrc++ (man bash). Not really sure if it has any effect.
:set shell=/bin/bash\ -i
And/or define an alias in your ~/.bashrc if needed. Maybe combine it with whatever chromereload.scpt does.
alias vimsync='rsync -r -e ssh -i /home/user/.ssh/id_rsa ~/Folder/* user#my_ssh_server.com:~/Folder/'
More information:
vim -- not recognizing aliases when in interactive mode?
I haven't tried this but it should work:
Put this into your ~/.ssh/config file:
ControlMaster auto
ControlPath ~/.ssh/cm_socket/%r#%n:%p
ControlPersist 300
KeepAlive yes
ServerAliveInterval 60
Create the directory ~/.ssh/cm_socket and ssh into the server from another terminal. Now when you ssh into the server again it should use the same socket and no password is required, so your rsync command should work without password.
how can i make git auto enter my passphrase when i signed tags. is there an option like --
passphrase "my long passphrase", i did try using ssh-keygen but it did not help.
the Repository is on local and everything is done locally.
As mipadi says, it is your GPG key password that is being requested. You really don't want that on your command-line as you suggest, as that may make it visible to other users and hence compromise your security. Knowing this, the creators of gpg and git don't let you shoot yourself in your foot like that. Of course, that prompts the question of how to do this in an automated fashion so that you don't kill yourself typing your password a hundred times.
The gpg-agent is very useful for this. You may need to install that separately from gpg (e.g., on Ubuntu, you want package gnupg-agent). Then make sure ~/.gnupg/gpg.conf contains the line (uncommented):
use-agent
With the gpg-agent installed, your system may automatically invoke it for you. If the environment variable GPG_AGENT_INFO is defined, then you're good to go. Otherwise, start the agent:
eval $(gpg-agent --daemon --sh)
(That's for bash; adjust as required for other shells.)
Now when you need to unlock your GPG key, you should get a popup window (or some other method) for you to enter your password. Once entered, you shouldn't need to enter it again, as all other requests will go to the agent, which has already unlocked your key.
You're being asked for your GPG keychain password, not your SSH password. Enter than instead.
in case anyone was interested, I did found a way for my problem.
1.Create new /usr/bin/gpg-with-passphrase with this contents
/usr/bin/gpg --passphrase "My Really Long passphrase" --batch --no-tty "$#"
2.make the new /usr/bin/gpg-with-passphrase executable
chmod 755 /usr/bin/gpg-with-passphrase
3.add this option to git config
git config gpg.program "/usr/bin/gpg-with-passphrase"
use "--global" for global
this way i dont have to enter my Long passphrase each time i sign a tag.