I need to have multiple keys in my client to access two different accounts on Repository hosting. See https://redefy.repositoryhosting.com/support -> How do I manage multiple accounts with multiple keypairs on my client?
I do not understand how to change between different ssh keys in Git on Windows, can anybody help me?
I assume you use git bash and openssh.
Like what it's written in the article, you can make a configuration file for ssh client that lists all of your accounts. You can write the following configuration in your own ssh client configuration file in ~/.ssh/config
Host account-one
HostName server.example.com
User user-one
IdentityFile ~/.ssh/key-one
Host account-two
HostName server.example.com
User user-two
IdentityFile ~/.ssh/key-two
What it says is you define two, kind of, "host aliases" named account-one and account-two. If you use them, when making connection, the ssh client will use the corresponding HostName, User, and IdentityFile for the server address, username, and ssh key file. With this you can use them to access your accounts and keys at even the same server.
In git, you can define two remotes using them
$ git remote add one account-one:repository.git
$ git remote add two account-two:repository.git
then you can push to those remotes
$ git push one master
$ git push two master
Which key is used for which server is handled by the SSH program that git is using to connect. In the default setup this should be the command line SSH client (openSSH?).
Using openSSH you can configure particular keyfiles for particular hosts in the ~/.ssh/config file:
Host foo.example.com
IdentityFile ~/.ssh/foo.example.com-id_rsa
Host bar.example.com
IdentityFile ~/.ssh/bar.example.com-id_rsa
Where ~/.ssh/*.example.com-id_rsa are the private key files for each server.
I hope this helps.
On Windows you should try Pageant an SSH authentication agent for PuTTY, PSCP, PSFTP, and Plink. This tool can manage yout ssh keys and its pass-phrases.
To use it together with Git you have to install Putty and link to the plink.exe setting the GIT_SSH variable.
Install Putty and friends (http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html)
Set GIT_SSH
set GIT_SSH=<path-to-plink.exe>
Start Pageant and add you keys
Run Git
hth
Daniel
In my case, I use
Host account-one
User git
not
Host account-one
User user-any
I'll answer this a little indirectly. I have previously used git bash and I've found that when I'm using git via the git bash shell, that it behaves just like a mac or linux bash shell. Meaning, when using git bash, that I can answer your question like:
'If you use git bash, you can manage multiple accounts just as you would if you were on linux or mac, using ssh-agent/ssh-add and friends'
Related
I'm trying to configure git so I don't have to keep authenticating (and also learn a bit more about git).
I had previously been using password-based authentication, which is repetitive to keep typing in my passwords. I followed the steps (using windows) to set up SSH keys in github. I gave my key a specific name, anticipating that I will need more than one SSH key at some point. It doesn't make sense to always have id_rsa for github! I received the email that the key was successfully created, and I used git bash (because windows) to start the SSH client silently and added my private key. But running a git clone gave me this error:
git#github.com: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
I then had the idea to try it with the default name (id_rsa), rather than my custom name, and of course it works. So my question is how do I avoid this? I don't want the default name to be reserved for github.
You can set up an ssh configuration file to tell the ssh command to use that specific key when connecting to github.
Create the file .ssh/config with the content:
Host github.com
IdentityFile ~/.ssh/github_rsa_key
Assuming that you've named your private key ~/.ssh/github_rsa_key.
Now try connecting to github:
$ ssh git#github.com
You should see:
Hi <your github username>! You've successfully authenticated, but GitHub does not provide shell access.
I have set remote using git remote set-url but if it includes username, git works fine on terminal and doesn't work in Xcode. If url was set without username, it works only in Xcode, but doesn't work in terminal.
The error showing in the shell without username is ERROR: Repository not found.
The Xcode error with included username is The remote repository could not be accessed and username in dialog box is git without ability to change
I did not change ~/.ssh/config after OS update. user.name and user.email are set for --local only, no changes here as well.
$ git remote set-url origin git#github.com-UserName:repo/project-name.git
//Remote commands work only in Shell
$ git remote set-url origin git#github.com:repo/project-name.git
//Remote commands work only in Xcode
Where is the problem, how can I fix this issue and get it working in both Xcode and the shell?
PS: Yesterday I had only one of my repos working in both Xcode and shell when set url without username (other repos was working as described only either in terminal or xcode), but after minor Mac OS update (just 12.2->12.2.1) it works the described way also now like others. Have no idea what additionally was set but know it's possible to get working both Xcode and Terminal at least.
UPD: If I change Host from github.com-UserName to github.com I am losing ability to use both repos simultaneously in Terminal because only one repo for added ssh keys works.
Host github.com
HostName github.com
User git
IdentityFile ~/.ssh/github-User-1
Host github.com
HostName github.com
User git
IdentityFile ~/.ssh/github-User-2
//Terminal:
$ ssh-add --apple-use-keychain ~/.ssh/UserName-1
$ ssh-add --apple-use-keychain ~/.ssh/UserName-2 //Only repo with this one will work, another will show `ERROR: Repository not found` as both hosts are same.
UPD 2: Looks like Xcode is just ignoring ~/.ssh/config file and just using set remote url as is, not replacing Host name with the actual url.
The URL git#github.com-UserName can only work if you have a ~/.ssh/config file with a Host github.com-UserName entry in it, which reference the right private key to use (the same private key that XCode has in its settings)
Simply rename that Host entry to Host github.com, and the git#github.com:user1/project-name.git should work in command line (as well as with XCode)
If you have more than one repository for the same user, you don't need to add anything to your ~/.ssh/config file.
git#github.com:user1/project-name.git
git#github.com:user1/project2-name.git
git#github.com:user1/project3-name.git
...
If you have more than one user, make sure the Host entry is different than the first in ~/.ssh/config:
Host gh1
Hostname github.com
User git
IdentityFile ~/.ssh/gh1
Host gh2
Hostname github.com
User git
IdentityFile ~/.ssh/gh2
This supposes you have generated two SSH keys, one named gh1, with gh1.pub added to user1, and one named gh2, with gh2.pub added to user2.
ssh-keygen -f ~/.ssh/gh1 -t rsa -P ""
ssh-keygen -f ~/.ssh/gh2 -t rsa -P ""
Finally, use for the repo1 owned by user1
git clone gh1:user1/repo1
# or, for an existing repo1 clone
cd /path/to/local/repo1
git remote set-url origin gh1:user1/repo1
And for repo2, owned by user2
git clone gh2:user1/repo2
I have a Github account with multiple projects.
I have cloned these projects to my windows 10 computer using ssh key.
some time later, it appear my ssh keys were compromise so i delete my ssh on Github and locally, then regenerate new ones :
4096 bits
rsa2
saved the pub as ~/.ssh/git_id_rsa.pub
add the pub key to my Github ssh keys
saved the priv as ~/.ssh/git/git_id_rsa.ppk
converted to Openssh format as ~/.ssh/git_id_rsa
the fact is I want different ssh keys for my different web tools (one for GitHub, one for DigitalOcean, one for OVH cloud, etc...) and I want to specify witch key to use when connecting to each host. thats why I change the default name for the ssh generated with PuttyGen (and converted with the same).
I don't have passphrase on the git_id_rsa.ppk (nor git_id_rsa) keys, as it seems that GitHub dont like them (saw long time ago).
I've configure my (projecytdir)/.git/config like bellow :
[remote "origin"]
url = git#github.com:hdGuild/JenkinsServerOnDO.git
fetch = +refs/heads/*:refs/remotes/origin/*
identityfile= ~/.ssh/git_id_rsa
But when I try a Git Pull, I've got the following error :
git#github.com: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
Following the following answers I've created the ~/.ssh/config file with the following (using OpenSSH key for GitHub), and it works :
Host github.com
IdentityFile ~/.ssh/git_id_rsa
The fact is that if I need the ~/.ssh/config file, why would I need to configure my local git with (projecytdir)/.git/config as I describe it above ?
I would like to configure my local git to use the right ssh key for Github, without having to explain it in my ~/.ssh/config file.
I'm sure it is (again) a configuration problem and I miss something somewhere, but I can't find where.
Please help :)
thank-you
Okay,
As previously, I answer my own question :D
After some more research, I found this post that explain how to specify in Git local config file, the ssh key to use for git sh connection.
The command is simply, in the above explained case, the following while in project directory :
git config core.sshCommand "ssh -i ~/.ssh/git_id_rsa -F /dev/null"
This way, the git_id-rsa will be used by git for ssh connections on this particular project (as it is a local configuration).
Thank-you for reading.
I'm trying to get multiple Bitbucket accounts working from the same machine via SSH.
In my .ssh\config file, I have:
Host account1.bitbucket.org
Hostname bitbucket.org
PreferredAuthentications publickey
IdentitiesOnly yes
IdentityFile ~/.ssh/account1
Host account2.bitbucket.org
Hostname bitbucket.org
PreferredAuthentications publickey
IdentitiesOnly yes
IdentityFile ~/.ssh/account2
Then I'm changing the remote for the git repo to use the alias:
git#account1.bitbucket.org:myUserName/myRepoName.git
git#account2.bitbucket.org:myUserName/myRepoName.git
Then in Pageant (in the system tray), I'm adding both my PPK keys.
Unfortunately if I've added both keys to Pageant, only one of the accounts work.
If I only have one key in Pageant at a time, then it'll work for whichever Bitbucket account I added to Pageant.
So it looks like pageant isn't using the correct key if there's more than one key in its list.
Any ideas on why it's doing this?
This link on Atlassian Answers explains how to use PuTTY and SSH with multiple bitbucket account:
One way to resolve this is to perform the same configuration in PuTTY
too to disambiguate what key to send (and therefore which user to
authenticate as).
Start PuTTY (download it from putty.org if you don't have it)
Type 'bitbucket.org' in the host name field
Go to Connection > SSH > Auth in the tree
Specify the key to use for the BB user
Go back to 'Session' in the tree
Type an alias name underneath 'Saved Sessions' (e.g. bb-user1) and
Save
Repeat 2-6 for each BB user and save as a different session name
Then in your remote URLs, replace 'bitbucket.org' with the session
name (e.g. bb-user1) to disambiguate what SSH key to send first. This
is identical to using IdentityFile in OpenSSH.
Finally, you can add the keys in pageant to cache the key passcodes.
I got this working by not using Pageant. I'm using Sourcetree as a Git GUI, and in the options, there's a dropdown saying whether to use OpenSSH or Putty/Plink.
Based on the description by Steve Streeting here:
https://answers.atlassian.com/questions/164479/sourcetree-support-multiple-ssh-keys
It sounds like Pageant doesn't use the .ssh\config configuration anyway.
By changing to OpenSSH, then regenerating the keys using ssh-keygen, and adding the private keys via Sourcetree's "Tools .. Add SSH Keys" menu, this is now working perfectly using different keys across multiple accounts. I just need to alter the remote url of each git repo to use the correct alias in the config file (as described in my initial post).
Update:
I've written a blog post about this here:
http://www.danclarke.com/multiple-ssh-keys-for-git/
I'm able to authenticate, generate, push etc just fine with my SSH keys and Moovweb credentials on my Mac and Linux machines.
However, on my Windows machine, using Git Bash, I get an SSH Permission denied (publickey) error. The error message is below:
$> moov generate 123dsfsdsf nytimes.com
Running environment checks.
Verifying that git is installed...OK
Checking that current 123dsfsdsf directory doesn't exist...OK
Registering project with MoovCloud.
Authenticating with MoovCloud.
Checking for git access...Enter passphrase for key '/Users/firstname.lastname/.ssh/id_rsa':
Enter passphrase for key '/Users/firstname.lastname/.ssh/id_rsa':
FAILED
> Need to upload an ssh key in order to generate a project...
Found the following SSH public keys:
1 ) id_rsa.pub
2 ) new_rsa.pub
Which would you like to use with your Moovweb account? 2
Uploading public key...
Successfully uploaded public key new_rsa.pub as 'firstname.lastname#GGT.local'
You are now ready to push projects to MoovCloud!
Creating project in MoovCloud...OK
Generating files...OK
Cloning project locally.
Enter passphrase for key '/Users/firstname.lastname/.ssh/id_rsa':
Enter passphrase for key '/Users/firstname.lastname/.ssh/id_rsa':
Cloning into '123dsfsdsf'...
Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
ERROR: Error cloning git repo: exit status 128
Please try cloning the repository (git clone moov#git.moovweb.com:firstnameglastname/123dsfsdsf.git) again later.
Try 'moov help generate' to find out details.
Seems like a Windows-specific SSH error. Any workarounds?
So as mentioned in prior answers, the Permission denied error in Windows is because you are trying to use a key other than id_rsa.
Windows lacks the bells and whistles that Linux and Mac have to try out all your public keys when trying to connect to a server via SSH. If you're using the ssh command, you can tell it which key to use by passing the -i flag followed by the path to the key to use:
ssh -i ~/.ssh/moovweb_rsa moov#git.moovweb.com
The above command should work just fine if you've uploaded moovweb_rsa.pub to the console (either via the moov login command or the console UI). However, trying any git related commands should fail because Git doesn't give you the ability to chose which key to use when connecting to the git remote. Because of this, SSH is forced to use the default key, id_rsa, and if that key doesn't work (or doesn't exist), then the connection fails with a permission denied error.
One possible solution, as suggested in other answers, is to simply rename your key to id_rsa. For most people, this is a fine solution. However, if you already have an id_rsa key and you would prefer to use a different key with Moovweb, you can edit your ~/.ssh/config file by adding the following contents:
Host git.moovweb.com
IdentityFile ~/.ssh/moovweb_rsa
If you append the above lines to your ~/.ssh/config file (create it if it doesn't exist), you should be able to successfully get Git to communicate with the Moovweb remote git server. The config basically tells SSH that for the given host (git.moovweb.com), SSH should use the given key rather than the default.
It's worth nothing that this happens to all Git remotes; interactions with Github, Heroku, etc... also suffer through this problem in Windows. You could easily extend your ~/.ssh/config file to use separate SSH keys for each one of those services if you so desired:
Host git.moovweb.com
IdentityFile ~/.ssh/moovweb_rsa
Host github.com
IdentityFile ~/.ssh/github_rsa
Host heroku.com
IdentityFile ~/.ssh/heroku_rsa
Quick & dirty solution: use only the default id_rsa.pub key
Some notes:
make sure you enter the right passphrase to id_rsa.pub
do not use your other key, new_rsa.pub
It turns out that Windows Git Bash doesn't quite come with all the cool utilities Mac/Linux users are used to. Specifically, you don't have ssh-agent running to help handle multiple keys. Without ssh-agent, the git command only seems to use the default id_rsa.pub key.
You can verify this is an SSH/Windows issue following Github's awesome SSH troubleshooting guide. You'll get a Permission denied (publickey) no matter which SSH/Git server you try to connect to.