Generate Ssh Key For Git Repo From Cli

by
  • Git version 2.15.1 (Apple Git-101) chengyuandeMBP.ssh chengyuan$ Create SSH key: check whether there is SSH $ cd /.ssh $ ls. Idrsa idrsa.pub knownhosts. It is recommended to recreate SSH whether there is one or not. Create SSH $ ssh-keygen -t rsa -C email protected // 1.
  • The preferred mechanism for accessing a private Git repository when using OpenShift is to create a unique repository SSH key. In this blog post, we will look at how to create such an SSH key, configure the GitHub hosting service to use it, and then how to have OpenShift use that SSH key when accessing the repository.
  • How to Create an SSH Key. SSH keys are generated through a public key cryptographic algorithm, the most common being RSA or DSA. At a very high level SSH keys are generated through a mathematical formula that takes 2 prime numbers and a random seed variable to output the public and private key.
  • Private Git Repositories: Part 2B - Repository SSH Keys September 4, 2017 by Graham Dumpleton In this series on using private Git repositories with OpenShift, we started out by looking at the different types of protocols that can be used when accessing a Git repository.
  • Jul 12, 2017 The way to do this is to generate and upload a private key to OpenShift, and then to authorize it with your Git hosting provider. Step 1: Create the Key. First, generate your SSH key if you don't have one. To do this, I recommend following these directions from GitHub. Key Generation using PuTTY on Windows.

In the first post of this series about using private Git repositories with OpenShift, we looked at the different types of protocols that can be used when accessing a Git repository. We also looked at how these combined with different credential types to control access to a private Git repository.

« Table of Contents. Working with SSH Keys. SSH keys are required in order to provide secure connection with the remote git host specified in the Repository Origin field which can be accessed via Connect to Git Repository or in Edit repository/integration settings).The Git Integration for Jira app uses one set of keys for accessing all configured repositories. Generating Your SSH Public Key That being said, many Git servers authenticate using SSH public keys. In order to provide a public key, each user in your system must generate one if they don’t already have one.

The preferred mechanism for accessing a private Git repository when using OpenShift is to create a unique repository SSH key. In this blog post, we will look at how to create such an SSH key, configure the GitHub hosting service to use it, and then how to have OpenShift use that SSH key when accessing the repository.

Creating a Repository SSH Key

On UNIX systems, to create an SSH key you can use the ssh-keygen command.

We want to create a unique SSH key to be used just by OpenShift to access the private Git repository. We do not want to use the SSH key as a primary identity key, nor do we want to use an existing primary identity key. This is because it will be necessary to upload the private key of the SSH key pair to OpenShift.

When running ssh-keygen we, therefore, ensure we specify that the generated key should be saved as a separate set of key pair files using the -f option. The generated key should also not have a passphrase, so supply the -N ' option so a passphrase is not requested.

The output from running the command should be similar to the following:

When an SSH key is generated, it is actually a pair of files. The first file is the public key file. Just cause 3 key generator online. In this case, this was called repo-at-github.pub.

The public key file is what we need to upload to GitHub and associate with the private Git repository.

The second file is the private key file. This was called repo-at-github.

The private key file is what we need to pass to OpenShift so that it will be able to access the private Git repository to pull down the source code.

Adding the Public Key to GitHub

To upload the public key file to GitHub, we need to visit the GitHub web console for our private Git repository.

On GitHub the term they use to refer to a repository SSH key is a Deploy key.

Visit the Settings page for the repository, and then click on Deploy keys.

Click on Add deploy key and enter a name for the repository SSH key as the Title field, and copy the contents of the public key file into the Key field. The public key file has the .pub extension, in our example repo-at-github.pub.

Leave the Allow write access option unchecked, as we only want to provide read-only access to the Git repository using this key. This ensures that even if someone has access to the private key, they will not be able to make modifications to any files hosted by the Git repository.

Press Add key and the public key file will be registered.

Registering the Private Key with OpenShift

Before we can deploy to OpenShift an application from the private Git repository, we need to register the private key with OpenShift.

To do this from the web console, go to Resources->Secrets.

This will bring up a list of existing secrets defined for the project.

Generate Ssh Key For Git Repo From Cli To Version

Click on the Create Secret button in the top right corner. This will bring up a form to enter in the details of the secret corresponding to the SSH private key.

On this form you need to set the following:

  • Ensure that the Secret Type is Source Secret.
  • Set the Secret Name. In this case, we are using repo-at-github.
  • Ensure that the Authentication Type is SSH Key.
  • Upload or paste in the contents of the private key file. This is the file without the .pub extension. In this case, the repo-at-github file.
  • Enable the Link secret to a service account option.
  • Ensure that the Service Account is set to builder.

The builder service account which the secret was linked to, is the internal user that the platform will use to build your code. It is necessary to link the secret to the service account so that it has permission to use it.

Repo

Click on Create to create the secret.

Creating an Application from the Repository

We are now ready to deploy an application using a Source-to-Image (S2I) builder. For this example we are going to use the HTTPD S2I builder.

Selecting this S2I builder from the catalog browser, we are presented with the form to provide the details for the deployment.

We fill this out with the Name for our application, and the Git Repository URL. Because we are going to rely on a repository SSH key for accessing the private Git repository, we need to make sure we use the SSH URI for the Git repository from GitHub.

Before selecting Create for the application, we first need to update settings in the advanced options. Select that link to display the advanced options settings. Find the Source Secret settings and select the secret repo-at-github that we created earlier.

Create Ssh Key For Git

For the purpose of this blog post we created the secret as a first step and then selected it as the Source Secret. If desired, one could have skipped the separate step of creating the secret, and created it direct from the advanced options page by selecting Create New Secret below the Source Secret drop down menu. This would result in a popup window into which you could enter the details of the secret.

Generate Ssh Key For Git

In that case, an option to link the secret to the builder service account would not be presented, as OpenShift will know that since it is being added when using a S2I builder, that it should do that step automatically.

Having selected the Source Secret, click on the Create button and the application will be built and then deployed, with the source code being able to be pulled down from the private Git repository over SSH using the supplied private key.

Generate Ssh Key For Git Repo From Cli Windows 10

Using Secrets from the Command Line

In this post we used the web console to create our application, including registering the private key for accessing our private Git repository hosted on GitHub. In the next post in this series, we will look at how to perform the same steps of creating the secret in OpenShift, but using the command line. We will also look at how you can add an annotation to a secret so that OpenShift automatically knows which source code repositories it should be used with.

Access the rest of the series here: