SSH keys
SSH keys are necessary to login to the Gerrit and GitLab servers to push code to.
Generating a new SSH key
Follow the instructions below to create one if you do not already have one in /.ssh
.
To make sure whether you need to generate a brand new key, let's check if an SSH key already exists on your system.
Run this command in a terminal:
ls ~/.ssh
The command will list the files that are in the (hidden) .ssh
directory.
If the directory already exists on your system and if the output lists a file called id_ed25519.pub
, then you can go directly to #Copy your SSH Public key.
To generate a new SSH key, open a terminal then enter the command below and replace user@example.com with your own email address. We want the default settings so when asked to enter a file in which to save the key, just press ↵ Enter.
ssh-keygen -t ed25519 -C "user@example.com"
Enter a strong and unique passphrase and press the ↵ Enter key.
- Why do passphrases matter?
- Passwords aren’t very secure. If you use one that’s easy to remember, it’s easier to guess or brute-force. If you use one that’s random it’s hard to remember, so you might write the password down. Both are very bad. This is why you’re using ssh keys. But using an ssh key without a passphrase is basically the same as writing down that random password in a file on your computer. Anyone who gains access to your drive has gained access to every system you use that key with. That's why you also add a passphrase. To not enter a long passphrase every time you use the key, there’s a tool called
ssh-agent
. It can save your passphrase securely. If you use macOS or Linux, then your keys can be saved in the system’s keychain to make your life even easier.
The ssh-keygen
command will create 2 files in ~/.ssh
directory:
~/.ssh/id_ed25519
- your private SSH key (for identification)~/.ssh/id_ed25519.pub
- your public SSH key
Copy your SSH Public key
Get the content of your public key file (e.g. id_ed25519.pub
) to copy it to your clipboard:
One option is to open your public key file with your favorite text editor (Notepad, TextEdit, gedit, etc.).
In the file chooser dialog of your text editor, you may need to turn on “View hidden files” to find the file, because the .ssh
directory is hidden.
Sometimes the “View hidden files” option is available by right-clicking in the file chooser dialog.
Other options are:
- On Linux, run
cat ~/.ssh/id_ed25519.pub
and manually copy the output to the clipboard. - On Windows, you can open Git GUI, go to Help 🡒 Show Key, and then press "Copy To Clipboard" to copy your public key to your clipboard.
- On macOS, you can run
pbcopy < ~/.ssh/id_ed25519.pub
to copy the contents of the your public key file to your clipboard.
It’s important you copy your SSH Public key exactly as it is written, without adding any newlines or whitespace. Copy the full text, including the "ssh-ed25519" prefix, the key itself, and the email address suffix.
Add SSH Private key to use with Git
Permission denied
when trying to push code.Start the Git Bash command line.
- Start the ssh-agent service
eval `ssh-agent`
- Be sure to use the accent
`
, not the single quote'
. (You could copy and paste from this page if you cannot easily enter this special character.) Note also that if you are using an alternative shell in Linux (for example the Fish shell), this command may not work; switching to Bash will fix the issue.
- Add your private key to the agent.[1] If you followed the steps above and your key has the default name
id_ed25519
, then the command is:
ssh-add ~/.ssh/id_ed25519
- If you get
WARNING: UNPROTECTED PRIVATE KEY FILE!
, runchmod 600 ~/.ssh/id_ed25519
and then rerun the above command.
For macOS see CodeX article.
- ↑ If as a Ubuntu user you have a "Permission denied (publickey)" message, please check on this help page