GitLab does not work with key loaded in Pageant? - windows

I keep most of my personal projects on BitBucket by Atlassian. As a natural choice, I use SourceTree app (their product) as git GUI client on Windows, and I'm happy with it. For projects where ssh git is available, I prefer ssh over https. SourceTree plays very well with projects hosted on BitBucket. Although it offers both of ssh agents: OpenSSH or PuTTY, its default selection is PuTTY/Plink (perhaps because PuTTY is more Windows-familiar).
Recently my establishment requested to host some projects on its own server. At first look it's a git server using GitLab opensource. I can use SourceTree with project hosted here using https just fine, however when it comes to ssh, the only choice of SSH agent is OpenSSH. The only key pair it would use (unless specified in config) is ~/.ssh/id_rsa.pub and ~/.ssh/id_rsa (located in %USERPROFILE%\.ssh\).
I've tried to:
Load ~/.ssh/id_rsa into PuTTY Key Generator
Convert it to PuTTY format (.ppk) file
Load the .ppk into Pageant (PuTTY authentication agent).
Despite the key being loaded and kept in the memory by Pageant, the connection with the server failed all the time, e.g. git: fatal: Could not read from remote repository. The only way to make it work is to start ssh-agent and ssh-add (go with OpenSSH).
Since I have Pageant running usually in the background, I find it more convenient to use (e.g. the keyphrase to open the private key is long/complex, and I don't remember it, and it can be copy-pasted from KeePass, while in the case of OpenSSH, cmd console does not allow me to paste it, too bad).
Is there any way to make the ssh authentication to GitLab done via PuTTY instead of OpenSSH?

Did you connect to the SSH server using PuTTY before using plink? If not, a reason could be that plink is refusing to connect to the server, because the ssh hostkey isn't verified yet. Another reason could be that the SSH server requires ciphers which are not supported by PuTTY. You can only find out if you connect with PuTTY with the same version as plink.
Use TortoiseGitPlink (from TortoiseGit) to circumvent this issue, as it will pop up a messagebox asking whether to accept the hostkey or not.

Related

How to use svn+ssh in IntelliJ Windows?

Our SVN server allows ssh connections only. How can I configure IntelliJ on Windows to connect to SVN server using svn+ssh?
In order to connect to SVN using ssh on a Windows machine, you will need to
Generate your ssh private key and upload it to your user allowed keys on the server.
Create a saved PuTTY session to use the private key file.
Download TortoiseSVN Plink to be used as SSH tunnel.
Configure IntelliJ to use TortoiseSVN to connect to your SVN server.
Here are the details of these steps.
1. Generate your private key.
You can use PUTTYGEN to generate the private key.
Then save the key in the .ssh folder in the user home directory.
If you have Windows 10, you can use Bash on Ubuntu on Windows to generate and load your private keys.
ssh-keygen -t rsa
This will generate the file ~/.ssh/id_rsa
Then load the key to the server
ssh-copy-id amr@example.com
The final step is to move the generated file from the Ubuntu subsystem path to your home directory in windows.
cp ~/.ssh/id_rsa /mnt/c/Users/amr/.ssh/
You still need to convert the key from OpenSSH to PPK format using the PUTTYGEN tool. From the tool load the file and then save the private key again in the PPK format.
2. Create a saved PuTTY session and configure it to use your private key.
Create a new session in PuTTY for login into the SVN server and change the setting of SSH/Auth to point to the private key file
3. Use Tortoise SVN Plink as the ssh tunnel
Download and install Tortoise SVN. It has a command line tool named TortoisePlink which is based on PuTTY. We will use plink as the SSH tunnel for SVN.
4. Configure IntelliJ to use this SSH tunnel for Subversion.
Go to File/Settings/Version Control/Subversion then select SSH settings tab.
Select Subversion config
make sure SSH tunnel is set to $SVN_SSH ssh -q
then add the path to TortoisePlink as in the picture. Make sure to skip backslashes.
Then, you are good to go.

Eclipse ADT known hosts

I have trouble getting the official Windows ADT 21.1.0 distribution to connect to a git repository. No matter what I tried (details below) it complains about host key not present in the registry and shows me no option to accept the host key. The remote server is running Gitlab and is under my control. There's no problem with connectivity or firewalls.
What I tried so far:
connecting without giving a password, with user git
connecting while giving a password, with another user
adding manually the host key in the known_hosts file that is found in the ssh home directory (Preferences->General->Network Connections->SSH2->SSH2 home).
The message is always:
The server's host key is not cached in the registry. You
have no guarantee that the server is the computer you
think it is.
The server's rsa2 key fingerprint is:
ssh-rsa 2048 xx:xx:xx...
Connection abandoned.
RSE works without any problems, only egit gives me problems.
You could workaround the problem by not using the ssh protocol with the git server, but instead the git or http protocol.
One reason for the above message can be using a folder called "ssh" instead of ".ssh" (note the dot). Some colleague of mine experienced that, and this can easily happen when using Windows explorer, as it will silently remove the dot, when creating a folder called ".ssh". You have to use the command line instead.

Setup git over ssh in Rubymine on Windows

I found a lot of threads about how to setup git over ssh with msysgit and putty/plink, but rubymine seems to use its own git and ssh implementation (see error message below).
Currently I have putty, msysgit, TortoiseGit and rubymine installed. My repository has two remotes:
[remote "origin"]
url = ssh://mygituser@255.255.255.255:1234/path/to/repo.git
[remote "origin_putty"]
url = putty-alias:path/to/repo.git
puttykeyfile = path/to/my/putty/keyfile.ppk
In putty the connection "putty-alias" is defined with the same user, host and port used in origin and also sets the ssh key again (might not be necessary). Using TortoiseGit to push to origin_putty works fine since it loads the putty ssh key and prompts for my passphrase. However, when I'm trying to use origin from rubymine it prompts for the password of mygituser since there is no keyfile defined.
I already tried the following solutions
Setting GIT_SSH to plink, running pageant and loading the key there (no change)
using the puttykeyfile line in the definition of origin (no change)
using origin_putty from rubymine (does not resolve putty-alias)
The reason I think rubymine uses its own ssh implementation is the error message I get on an unsuccessful authentication:
SSH: authentication methods: [publickey, keyboard-interactive, password] last successful method:
java.io.IOException: Authentication failed:
at org.jetbrains.git4idea.ssh.SSHMain.authenticate(SSHMain.java:280)
at org.jetbrains.git4idea.ssh.SSHMain.start(SSHMain.java:155)
at org.jetbrains.git4idea.ssh.SSHMain.main(SSHMain.java:135)
fatal: The remote end hung up unexpectedly
You're right: by default RubyMine uses the trilead-ssh2 Java library, and is not aware of PuTTY settings.
You may switch to using the native SSH in the Settings | Version Control | Git | SSH Executable | Native
But note, that it doesn't work well with passphrases, so if your private key is passphrase protected, you have to use pageant or similar software.

Git and http_proxy (SparkleShare on windows and http_proxy)

I've just successfully built SparkleShare for windows according to guide:
https://github.com/wimh/SparkleShare/wiki
and exported my ssh public key to a server.
The problem is that I can't connect from a client behind a http_proxy to a public server with ssh running on a custom port. I also had a problem with cloning any git server. I need to switch git:// protocol to http:// one. Any suggestion? Does anyone have similar experience?
This is a log file:
15:25:13 [SSH] ssh-agent started, PID=4380
Identity added: C:\Users\MYUSER\AppData\Roaming\sparkleshare\sparkleshare.MYEMAIL.key (C:\Users\sg0922706\AppData\Roaming\sparkleshare\sparkleshare.MYEMAIL.key)
15:25:34 [Fetcher][C:\Users\MYUSER\Documents\SparkleShare.tmp\share] Fetching folder: ssh://MYGITUSER@MYHOST/MYPATH
15:25:34 [Fetcher] Disabled host key checking MYHOST
15:25:34 [Cmd] git clone --progress "ssh://MYGITUSER@MYHOST/MYPATH" "C:\Users\MYUSER\Documents\SparkleShare.tmp\share"
15:25:37 [Git] Exit code 128
15:25:37 [Fetcher] Failed
15:25:37 [Fetcher] Enabled host key checking for MYHOST
To get SparkleShare to use your proxy you will need to modify the config of the msysgit that is installed as part of SparkleShare. Navigate to C:\Program Files (x86)\SparkleShare\msysgit\etc and edit the gitconfig file in notepad and add the following line under the [http] tag
proxy = http://user:pass@proxyurl:port
modifying the url as required to match your settings. You can then use the "On my own server" option to add the http url of your repository.
I have a work around on this particular problem. I guess that you already successfully connected to your server via a simple SSH client (i.e. PuTTY)? With PuTTY you can easily configure an ssh connection via any kind of proxy (such as HTTP, SOCKS, Telnet, ..)
What you can do now is to specify a local "tunnel" (an SSH port forwarding rule) like this: L22 127.0.0.1:22 (see attachment). If you are using a ssh command line add the following option: -L 22:127.0.0.1:22.
So now as soon as your terminal is open and running you'll be able to reach your git server via the server url: ssh://git@127.0.0.1.
If your local port 22 is busy you can define the tunnel on another port, i.e. if port 44 is not occupied: L44 127.0.0.1:22. The url to use in SparkleShare becomes ssh://git@127.0.0.1:44.
But it's a work around. I'm looking for a better solution.

How To Extract SFTP SSH Key From Key Cache in FileZilla FTP Client

I have connected to a server via SFTP using FileZilla and accepted adding the server's SSH key to the key cache in FileZilla.
How can I extract this cached key to a keyfile so that may use it through other SFTP applications that require a keyfile be made available?
I have not been able to find anything in the FileZilla documentation related to this.
If you use the standard openssh console client (cygwin or from linux), host keys are stored, one-per-line, in ~/.ssh/known_hosts. From there, it's a simple matter of figuring out which bit of that host key is needed for your library.
Putty also stores host keys, but it appears to encode them in hex. Those can be found at HKCUR\Software\SimonTatham\PuTTY\SshHostKeys
Thomas was correct. FileZilla piggybacks on PuTTY's PSFTP program and stores the saved keys encoded in a hex format at the registry key he listed (HKCUR\Software\SimonTatham\PuTTY\SshHostKeys). I needed the key in known_hosts format, so I was able to install a Windows version of openssh at his recommendation and used the ssh-keyscan tool to hit the server and save the key info out in the correct format:
ssh-keyscan -t rsa <my_ftp_ip_address> > c:\known_hosts
ssh-keyscan -t dsa <my_ftp_ip_address> >> c:\known_hosts
Thank you Thomas and SO!
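The hex entries mentioned in the answers above can also be converted directly, which carries over the key that was already accepted instead of fetching it again from the network. This is an added Python example, not code from the original posts; it assumes PuTTY's RSA entry layout (value name rsa2@<port>:<host>, data 0x<exponent>,0x<modulus>), and the host name and toy modulus are constructed sample values.

```python
import base64
import hashlib
import struct


def _ssh_string(data: bytes) -> bytes:
    """RFC 4251 string: 4-byte big-endian length followed by the bytes."""
    return struct.pack(">I", len(data)) + data


def _ssh_mpint(value: int) -> bytes:
    """RFC 4251 mpint: big-endian, zero-padded so the sign bit stays clear."""
    return _ssh_string(value.to_bytes(value.bit_length() // 8 + 1, "big"))


def putty_rsa2_to_known_hosts(value_name: str, value_data: str) -> str:
    """Convert one PuTTY SshHostKeys entry (RSA only) to a known_hosts line."""
    key_type, _, rest = value_name.partition("@")
    port, _, host = rest.partition(":")
    if key_type != "rsa2" or not port.isdigit() or not host:
        raise ValueError(f"unsupported or malformed value name: {value_name!r}")
    try:
        exponent, modulus = (int(part, 16) for part in value_data.split(","))
    except ValueError:
        raise ValueError("expected data 0x<exponent>,0x<modulus>") from None
    if min(exponent, modulus) <= 0:
        raise ValueError("exponent and modulus must be positive")
    blob = _ssh_string(b"ssh-rsa") + _ssh_mpint(exponent) + _ssh_mpint(modulus)
    # OpenSSH writes non-default ports as [host]:port
    host_field = host if port == "22" else f"[{host}]:{port}"
    return f"{host_field} ssh-rsa {base64.b64encode(blob).decode('ascii')}"


def md5_fingerprint(known_hosts_line: str) -> str:
    """Colon-separated MD5 fingerprint, the xx:xx:xx form PuTTY prompts show."""
    blob = base64.b64decode(known_hosts_line.split()[2])
    digest = hashlib.md5(blob).hexdigest()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


if __name__ == "__main__":
    # Constructed sample: hypothetical host and a toy modulus, not a real key.
    line = putty_rsa2_to_known_hosts("rsa2@2222:git.example.test", "0x10001,0xd1")
    print(line)
    print(md5_fingerprint(line))
```

Compare the printed fingerprint with the one the first-connection prompt showed before trusting the converted line.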
If you'd rather use a GUI, you can snag the host key from the log window or the first-time connection popup using WinSCP FTP client: https://winscp.net/eng/docs/ssh_verifying_the_host_key
Thanks Dougman for the tip!
To further help any newcomers reading your answer.
Prior to running ssh-keyscan, assuming OpenSSH is installed by default, there are a few commands that need to be run (read the quickstart/readme install for details).
Here are my commands which allow me to obtain the host key.
C:\Program Files\OpenSSH\bin>mkgroup -l >> ..\etc\group
C:\Program Files\OpenSSH\bin>mkpasswd -l >> ..\etc\passwd
C:\Program Files\OpenSSH\bin>net start opensshd
The OpenSSH Server service is starting.
The OpenSSH Server service was started successfully.
C:\Program Files\OpenSSH\bin>ssh-keyscan -t rsa vivo.sg.m.com > c:\known_hosts
vivo.sg.m.com SSH-2.0-Sun_SSH_1.1
Unless I am misunderstanding you: you don't need to.
If you connect to the server with another application (ie: PuTTY) and it has not seen the server before then you will be prompted to accept the key.
I see why you might want to do this, but each application could have its own way to store keys.
