SSH keys and Git
Some systems such as source control repositories (e.g. GitLab, Bitbucket, GitHub, etc.) support SSH authentication. You can learn more about SSH Public Key Authentication and its advantages over traditional user-password authentication here.
Generate SSH Keys
The purpose of this post is to help you quickly generate a pair of SSH keys (public and private) with a Linux console (e.g: any Linux system or Linux terminal in Windows such as Git Bash).
ssh-keygen -b4096 -t rsa
By default, the private and public keys are created in $HOME/.ssh
Copy the contents of the public key file id_rsa.pub and paste them onto the server you want to authenticate your host with (e.g. for GitLab, go to the SSH keys section in your profile’s settings).
Every time you need to authenticate against the remote server, your bash console will prompt you for credentials.
Change Passphrase
If you need to change your passphrase, your key won’t change. Simply run the following command in your bash console.
ssh-keygen -p -f ~/.ssh/id_rsa
Remember Passphrase
Sometimes it is a bit annoying to have to enter the passphrase each time we want to access the remote server for any read or write operation. A trick to make our life easier is to add a script that triggers when our session starts (e.g. when Git Bash opens for the first time), prompts for the passphrase and remembers it during the whole session.
To do so, create a file called profile under your $HOME directory:
# file where the running agent's environment (socket path, PID) is saved
env=~/.ssh/agent.env
# load the saved agent environment, if the file exists
agent_load_env () { test -f "$env" && . "$env" >| /dev/null ; }
# start a new agent and save its environment in a file only the owner can read
agent_start () {
    (umask 077; ssh-agent >| "$env")
    . "$env" >| /dev/null ; }
agent_load_env
# agent_run_state: 0=agent running w/ key; 1=agent w/o key; 2= agent not running
agent_run_state=$(ssh-add -l >| /dev/null 2>&1; echo $?)
if [ ! "$SSH_AUTH_SOCK" ] || [ $agent_run_state = 2 ]; then
    agent_start
    ssh-add
elif [ "$SSH_AUTH_SOCK" ] && [ $agent_run_state = 1 ]; then
    ssh-add
fi
unset env
declare -x SSH_ENV="$HOME/.ssh/environment"
# start the ssh-agent
function start_agent {
    echo "Initializing new SSH agent..."
    # spawn ssh-agent
    ssh-agent | sed 's/^echo/#echo/' > "$SSH_ENV"
    echo succeeded
    chmod 600 "$SSH_ENV"
    . "$SSH_ENV" > /dev/null
    ssh-add
}
# test for identities
function test_identities {
    # test whether standard identities have been added to the agent already
    ssh-add -l | grep "The agent has no identities" > /dev/null
    if [ $? -eq 0 ]; then
        ssh-add
        # $SSH_AUTH_SOCK broken so we start a new proper agent
        if [ $? -eq 2 ]; then
            start_agent
        fi
    fi
}
# check for running ssh-agent with proper $SSH_AGENT_PID
# (USERNAME is set in Git Bash; fall back to USER on Linux, where it is usually unset)
if [ -n "$SSH_AGENT_PID" ]; then
    ps -f -u "${USERNAME:-$USER}" | grep "$SSH_AGENT_PID" | grep ssh-agent > /dev/null
    if [ $? -eq 0 ]; then
        test_identities
    fi
else
    if [ -f "$SSH_ENV" ]; then
        . "$SSH_ENV" > /dev/null
    fi
    ps -f -u "${USERNAME:-$USER}" | grep "$SSH_AGENT_PID" | grep ssh-agent > /dev/null
    if [ $? -eq 0 ]; then
        test_identities
    else
        start_agent
    fi
fi
Then create another file, .profile, also under your $HOME directory:
source ~/profile
This script is executed automatically as soon as the user’s bash session starts, and it runs the previous one. You will be asked for the passphrase only the first time.
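Once the keys and the agent files are in place, it is worth checking that nothing in $HOME/.ssh is readable by other users and that the private key really has a passphrase. The following check is an added example, not part of the original post; the function names are hypothetical, and it assumes the file names used above (agent.env, environment) and an `ssh-keygen` on the PATH for the passphrase test.

```shell
#!/bin/sh
# Added example: audit the files created by the setup described in this post.
# Usage: audit_ssh_dir "$HOME/.ssh"   (prints findings, returns their count)

# Octal mode of a file; GNU stat first, BSD/macOS stat as fallback.
file_mode () { stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"; }

# True when the private key can be loaded with an empty passphrase.
# `ssh-keygen -y` derives the public key; -P "" supplies the empty passphrase,
# so the command fails instead of prompting when the key is encrypted.
key_has_no_passphrase () {
    command -v ssh-keygen >/dev/null 2>&1 || return 1   # cannot tell without it
    ssh-keygen -y -P "" -f "$1" >/dev/null 2>&1 </dev/null
}

audit_ssh_dir () {
    dir=${1:-$HOME/.ssh}
    findings=0
    # The directory itself should be accessible to its owner only.
    case $(file_mode "$dir") in
        700) ;;
        *) echo "WARN $dir: mode $(file_mode "$dir"), expected 700"
           findings=$((findings + 1)) ;;
    esac
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        sensitive=no
        # Private keys are recognised by their PEM header, whatever the file name.
        if head -n 1 "$f" | grep -q -e '-----BEGIN .*PRIVATE KEY-----'; then
            sensitive=yes
            if key_has_no_passphrase "$f"; then
                echo "WARN $f: private key has no passphrase"
                findings=$((findings + 1))
            fi
        fi
        # Agent environment files written by the profile scripts above.
        case ${f##*/} in agent.env|environment) sensitive=yes ;; esac
        [ "$sensitive" = yes ] || continue
        case $(file_mode "$f") in
            600|400) ;;
            *) echo "WARN $f: mode $(file_mode "$f"), expected 600"
               findings=$((findings + 1)) ;;
        esac
    done
    return "$findings"
}
```

ssh-keygen refuses to load a private key whose permissions are too open, so fix any mode findings first and run the check again to get a reliable passphrase result.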