Consider you are deploying an application on a server which is maintained by Git versioning system. You clone the git repository through your own credentials and setup the system. When you run
git pull, it will ask for credentials again. This is certainly not what you are looking out, right? You want something by which you can pull the changes without anyone's credentials. The answer is -
connecting to git via SSH.
Surely, this is not the only one use case where you can make use of this feature. It can also help you in use cases like building pipelines. Now that we have a bit of context, let's understand how it works.
✋ For simplicity, we are assuming that the client machine is running on Linux operating server. This assumption is only for the commands that we run on operating system. The steps for configuring SSH for git remains the same irrespective of the operating system. For other operating systems, you can use respective commands to achieve the results.
SSH is a protocol by which you can connect and authenticate to remote servers and services. SSH establishes a secured connection between two parties(client and server), authenticating each side to the other, and passing commands and output back and forth. With SSH keys, you can connect to Git hosting servers(e.g GitHub, BitBucket) without supplying your username or password at each visit.
Understanding the SSH workflow is out of the purview of this post, hence we will restrict our discussions to the topic.
When you set up SSH, you create a key pair - private and public keys. Private key is saved to your local computer, generally in
.ssh folder. Public key is passed (uploaded) to the server to authenticate the request.
Before creating new keys, you can check if you already have key pair created.
$ ls -al ~/.ssh # Lists the files in your .ssh directory, if they exist
Check the directory listing to see if you already have a public SSH key. By default, the filename of the public key ends with
If you don't have an existing public and private key pair, or don't wish to use existing keys, then generate a new SSH key by following the steps below:
- Generate key using
$ ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/home/guest/.ssh/id_rsa):
Configuring the key
You will be asked to customize filename and passphrase. You can just hit Enter if you want to keep the defaults. The whole interaction will look similar to the following:
$ ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/home/guest/.ssh/id_rsa): Created directory '/home/guest/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/guest/.ssh/id_rsa. Your public key has been saved in /home/guest/.ssh/id_rsa.pub. The key fingerprint is: 4c:80:61:2c:00:3f:9d:dc:08:41:2e:c0:cf:b9:17:69 email@example.com The key's randomart image is: +--[ RSA 2048]----+ |*o+ooo. | |.+.=o+ . | |. *.* o . | | . = E o | | o . S | | . . | | . | | | | | +-----------------+
- Verify the keys that have been created by listing the directory
$ ls ~/.ssh id_rsa id_rsa.pub
You will get a pair of key filenames as an output.
id_rsa is the private key and
id_rsa.pub is the public key.
If you don't want to type your password each time you use the key, you'll need to add it to the ssh-agent.
# start the ssh agent $ eval `ssh-agent` Agent pid 9700 # add your private key (the filename without .pub) $ ssh-add ~/.ssh/id_rsa
Once you have created your key pair, it is time to add your public key to git hosting server to authenticate you ssh communication. You can follow the steps in the link for adding keys to GitHub and BitBucket (Step 4)
SSH git URL of your repository (e.g.
firstname.lastname@example.org:repo/project.git) and change
remote-url on your client machine in your project root folder as:
# listing current remote-url $ git remote -v origin https://email@example.com/repo/project.git (fetch) origin https://firstname.lastname@example.org/repo/project.git (push) # change the url $ git remote set-url origin email@example.com:repo/project.git # verify if url changed by listing again $ git remote -v origin firstname.lastname@example.org:repo/project.git (fetch) origin email@example.com:repo/project.git (push)
Voila! You have done all the configurations, now it's time to verify if the keys are working. You can verify by performing
git pull in your project root folder. It should not ask for any credentials
Congratulations! 👏 You have successfully set up SSH for your git repository. Leave a comment if you face any issues.
See ya! until my next post 😋