How to add a second SSH key? - shell

I already have an SSH key that I use with GitHub, but they have provided me with another one to enter a server on AWS, a RedHat 7.
It was actually a .ppk to use with PuTTY, but with the generator I converted it to an SSH key.
I have added it and it worked correctly, the problem is that every time I want to use it I have to add it again, and I don't know why I forgot it.
Thank you very much.

I have to add it again
It depends on what you mean by "add it".
If it is ssh-agent add, you only need to do that when the private key is passphrase protected.
If it is "adding to the remote server ~/.ssh/authorized_keys", you only need to do that once, with the public key associated to/derived from the private key.
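
One way to keep a second key from having to be re-added each session is a per-host entry in the OpenSSH client config, shown here as an added example that is not part of the original posts. The alias aws-rhel, the host name, the user ec2-user and the key file name are assumptions.

```shell
#!/bin/sh
# Added example: register a second private key for one host in ssh_config,
# so "ssh <alias>" always picks that key and leaves the GitHub key alone.
# Usage: add_host_key <ssh_dir> <alias> <hostname> <user> <private_key_path>
add_host_key() {
    ssh_dir=$1; name=$2; host=$3; user=$4; key=$5
    config="$ssh_dir/config"

    [ -f "$key" ] || { echo "no such key: $key" >&2; return 1; }

    # OpenSSH refuses private keys that group or others can read.
    mkdir -p "$ssh_dir"
    chmod 700 "$ssh_dir"
    chmod 600 "$key"

    # Idempotent: leave an existing block for this alias untouched.
    if [ -f "$config" ] && grep -qxF "Host $name" "$config"; then
        return 0
    fi

    # IdentitiesOnly stops ssh from offering every key it knows about;
    # AddKeysToAgent loads the key into a running agent on first use.
    cat >> "$config" <<EOF
Host $name
    HostName $host
    User $user
    IdentityFile $key
    IdentitiesOnly yes
    AddKeysToAgent yes
EOF
    chmod 600 "$config"
}

# Demo in a throwaway directory; all values are constructed placeholders.
demo() {
    d=$(mktemp -d)
    : > "$d/aws_rhel7"    # stands in for the converted private key
    add_host_key "$d" aws-rhel ec2-host.example.com ec2-user "$d/aws_rhel7"
    cat "$d/config"
    rm -rf "$d"
}
demo
```

In real use the first argument would be ~/.ssh, and `ssh -G aws-rhel` prints the options the client resolves for that alias.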

Related

What's the difference between Amazon EC2 private key (.pem) and secret access key?

While signing up for Amazon EC2 and enabling ssh, I have to create and download a private key (.pem) and a secret access key.
How are they different? What different functions do they have?
You need to read a good tutorial on SSH, but here is a summary:
The Access Key ID and Secret Access Key are like a username and password. They allow you to "do stuff" on the AWS API using the commandline tools or code you write.
The private key (.pem) is like a password for talking (SSH) to an individual box that you have launched. (i.e. not "AWS itself", but "your box within AWS".) You can have different passwords to different boxes if you want, but most of the time you only need one.
If you know how SSH works, they are just putting down ~/.ssh/known_hosts with the public part of your key, allowing you to log in for the first time. You can change that file later to add more users or rotate your SSH keys.

Win console hangs after trying to clone a git repo [duplicate]

This question already has answers here:
Git clone / pull continually freezing at "Store key in cache?"
(10 answers)
Closed 5 years ago.
I have a remote repo which I want to clone. I've set up pageant.exe and added the private key. I also added a GIT_SSH variable which points to plink.exe. After the clone command I get this output:
The server's host key is not cached in the registry. You
have no guarantee that the server is the computer you
think it is.
...
If you trust this host, enter "y" to add the key to
PuTTY's cache and carry on connecting.
If you want to carry on connecting just once, without
adding the key to the cache, enter "n".
If you do not trust this host, press Return to abandon the
connection.
Store key in cache? (y/n)
When typing y or n nothing happens; the console just hangs and I have to terminate the command with Ctrl+C.
Why does this happen and how do I fix it?
After several hours of investigation I finally found a solution.
PuTTY has to know something about the host you're connecting to, namely the host must be a known host to PuTTY. PuTTY stores information about known hosts under the
HKEY_CURRENT_USER\SoftWare\SimonTatham\PuTTY\SshHostKeys registry key. To force PuTTY to add information about that host to the registry key, we can connect to it via putty.exe using your private key. On first access PuTTY will ask you to add that host to the known hosts. After that the git clone command finishes successfully.
Maybe this will be helpful for somebody, because it's not obvious at first glance.

Passworded ssh key suddenly does *not* require that I type the password

I use console2 in combination with git bash in order to interact with my local git repositories and by extension several github and bitbucket repositories also.
I use an ssh key pair to authenticate myself to these services, however my ssh key pair has an associated password.
This morning I found that I was no longer required to enter this password on my laptop in order to complete the authentication process.
I did some testing and it seems that the same key present on my desktop machine still requires me to enter my password.
So my question is.... why am I no longer required to enter my password on my laptop in order to authenticate with these servers?
Sounds like you have ssh-agent (sshagent.exe) running.
It is a small utility which allows you to enter your key's passphrase once and it then holds it "unlocked" for further use without you needing to re-enter the passphrase each time. Killing it will cause the original behaviour.
ssh-agent comes along with ssh in a standard msysgit installation. I'm not sure if something's changed that now means it's used by default or not though. Another explanation as to why it's running might be if you've installed posh-git and ran a Powershell session. By default (I believe - it's been a while), it'll run at the start of the session and ask for your key's passphrase. I use it every single day with this configuration as my passphrase is quite long... :-)
Something to do with having git-credential-winstore installed on your laptop?

Can't understand ssh system in Heroku

I can't get the system of managing ssh keys.
I want to push an application to Heroku, so I tried to push but got an error. Here is my log:
$ git push heroku master
! Your key with fingerprint bf:f6:ed:14:9d:cd:52:a2:a3:16:b2:e9:b4:f2:bf:ba is not authorized to access warm-samurai-6574.
fatal: The remote end hung up unexpectedly
User#PK /e/examples (master)
$ heroku keys:add
Found existing public key: C:/Users/User/.ssh/id_rsa.pub
Uploading SSH public key C:/Users/User/.ssh/id_rsa.pub
!This key is already in use by another account. Each account must have a unique key.
User#PK /e/examples (master)
$ heroku keys
=== 1 key for denys.medynskyi#gmail.com
ssh-rsa AAAAB3NzaC...etyxYh4Q== User#PK
Every account has its own ssh key. So I can push from any computer, because the ssh key is pushed to heroku?
Should every application on heroku have its own ssh key or not?
Basically, your computer has an SSH key. However, the SSH key on it is associated with another Heroku account (different from the one you are using now). Your best bet would be to generate a brand new SSH key and add it to Heroku.
Just make a new SSH key on your machine and upload it to Heroku:
$ ssh-keygen
Make sure to save it as '/Users/User/.ssh/new_id_rsa.pub' when the prompt asks you.
$ heroku keys:add /Users/User/.ssh/new_id_rsa.pub
This should allow you to use Heroku.
As for your other questions: you can push to Heroku from any computer as long as you add the computer's SSH keys through heroku keys:add. And no, every application does not need to have its own SSH key.
Your computer has an SSH key, but that SSH key is associated with another Heroku account. If you need to use both accounts for different applications on the same computer you should make a new SSH key on your machine and upload it to Heroku:
$ ssh-keygen
Make sure to save it as '/Users/User/.ssh/new_id_rsa.pub' when the prompt asks you.
$ heroku keys:add /Users/User/.ssh/new_id_rsa.pub
You then need to add another host to your ~/.ssh/config:
Host heroku-alt
HostName heroku.com
IdentityFile ~/.ssh/new_id_rsa
And then update the .git/config in your project to use the host alias:
[remote "heroku"]
url = git@heroku-alt:myapp.git
fetch = +refs/heads/*:refs/remotes/heroku/*
By choosing between heroku and heroku-alt in the remote of the .git/config files of specific projects you can manage which projects use which credentials.
Heroku requires an SSH key to be unique to an account. Two accounts cannot have the same ssh key.
You can do ONE of these to solve your issue:
1. Unlink the ssh key from the other heroku account. Chances are you are not using that account. This is the path of least resistance.
2. Delete the existing keys. Generate a new ssh public/private key pair. The advantage is that you will retain the default name for the keys and thus they will be automatically found by any application you use.
3. Generate a new ssh public/private key pair and save it alongside your existing keys. The disadvantage is that these two keys will have a custom name. If you end up using these keys often, you will need to configure ssh locally to use them instead of the default id_rsa. This does require some work and might get involved.
Which you choose really depends on you.
If you choose the third option, refer to this answer https://superuser.com/a/272613/25665 for how to configure ssh locally to always use the new keys for heroku. In case you are wondering why bother with this, well, you will be interacting with heroku by pushing to a git repository. That requires you to be authenticated using ssh. By default it will use the older keys and you won't be able to push. It's just easier to instead tell ssh to use the alternate key when interacting with warm-samurai-6574.heroku.com
The following link has instructions on creating a new key. You will need to either accept the default names or give custom ones depending on which option you chose.
https://devcenter.heroku.com/articles/keys
Can you push from any computer?
Again, it depends. If the computer has your ssh keys and it's configured to use your keys for the heroku domain, then yes. You can instead choose to not copy your keys there and simply add the ssh keys present there to your heroku account.
Does each app require a unique key?
No. You can have multiple apps under one heroku account. They all will share the keys you upload to your heroku account.
Let me see if I understand this correctly.
Most of the replies agree that the ssh keys we are using for git identify the computer, because the suggestion they made is to regenerate the key on the other computer and upload it to Heroku.
From my point of view the SSH key should identify me as a developer of the app, and this is what creates the confusion. This means I have to bring my private and public keys with me and use it on any computer I use which can be accomplished with a pendrive or something similar.
So my suggestion is: copy your public and private keys with you, put them in the computer you want to use for pushing to Heroku and protect your private key with a password.

Why does PuTTY use its own private key format when log into SSH server?

Just a little bit curious, why does PuTTY use its own version of the private key format to do SSH?
The author of PuTTY gives two main reasons for having the custom key format on this page.
In short:
PuTTY's format stores the public half of the key in plaintext, which allows PuTTY to send the public key to the server automatically.
The key is fully tamperproofed with the help of a Message Authentication Code.
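
What the plaintext public half means in practice, as an added example that is not PuTTY's code and not part of the original answer: the public key and header fields of a .ppk file can be read without the passphrase. The sample file is constructed in the version 2 layout with placeholder blobs, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not PuTTY code): inspect a .ppk file without its passphrase.

# Constructed sample in PPK version 2 layout; the blobs and the MAC are
# placeholders, not a real key.
sample_ppk() {
    cat <<'EOF'
PuTTY-User-Key-File-2: ssh-rsa
Encryption: aes256-cbc
Comment: constructed-sample-key
Public-Lines: 2
CONSTRUCTEDPUBLICBLOBLINE1
CONSTRUCTEDPUBLICBLOBLINE2
Private-Lines: 1
CONSTRUCTEDPRIVATEBLOBLINE1
Private-MAC: 0000000000000000000000000000000000000000
EOF
}

# Print "<algorithm> <base64 public blob> <comment>", the one-line form used
# in authorized_keys. Works even when Encryption is not "none".
ppk_public_key() {
    awk '
        { sub(/\r$/, "") }                       # tolerate CRLF files
        /^PuTTY-User-Key-File-[0-9]+: / { alg = $2; next }
        /^Comment: /      { comment = substr($0, 10); next }
        /^Public-Lines: / { left = $2; next }
        left > 0          { blob = blob $0; left-- }
        END {
            if (alg == "" || blob == "") exit 1  # not a PPK file
            print alg, blob, comment
        }
    ' "$1"
}

# Report the clear-text header fields: cipher name and whether a MAC exists.
ppk_summary() {
    awk '
        { sub(/\r$/, "") }
        /^Encryption: /  { enc = $2 }
        /^Private-MAC: / { mac = "present" }
        END { print "encryption=" enc, "mac=" (mac ? mac : "missing") }
    ' "$1"
}

f=$(mktemp) && sample_ppk > "$f"
ppk_public_key "$f"
ppk_summary "$f"
rm -f "$f"
```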
