Criag didn't have this configured for gitlab/github or any other computers. Having a public/private ssh key-pair is usefull for accessing machines and services securly without needing a password, plaintext or otherwise. Here is a recipe for generating a public-private keypair that can be used with gitlab, github etc. The public key is pasted into the remote service (aka github) and forms the basis for a good secure communication and simplifies pulling and pushing.
TL;DR
cd ~/.ssh/
ssh-keygen -t rsa -b 4096 -C “label”
Where label = is some label to help you remember what service/computer it corresponds to. I use the format "usr:service" or “email@address” to identify which git or computer I’m keypaired with.
When prompted give name “id_rsa_namehere" and password. Then copy the public part of the key to your clipboard
pbcopy <~/.ssh/id_rsa_namehere.pub
(case using linux)
xclip ~/.ssh/id_rsa_namehere.pub
Pastes clipboard to remote service, i.e. github, gitlab, other computer etc. (You can find a place to paste ssh keys in the settings/security tab of these services)
Now Add private key (the non .pub file) to local Mac keychain
ssh-add -K id_rsa_namehere
Finally test to see if it works with an ssh test
ssh -T git@github.com (or other user@website relevant combination)
Detailed instructions/explanation:
Generating a key pair:
ssh-keygen -t rsa -b 4096 -C "your_email@example.com”
-C flag stands for comment, can be used to label what the ssh key is used for. Best to use an email or somthing you will remember.
If you hit enter you get a default name. But is best to give a unique name. Once you have a few different keys it can be hard to tell what is what. Choose something like ‘id_rsa_github' if it is used for github etc. File will be saved to .ssh/id_rsa* which is where you want it. [Here an below * indicates wildcard if you have changed the name]
It will also ask for a password, this is a good idea.
You need to add the key to the active ssh-agent service (change id_rsa if you named it something different). To add to your mac’s keychain (so that it can be loaded automatically on terminal session start) do the following:
ssh-add -K ~/.ssh/id_rsa*
where id_rsa* is the name you gave your key file (note: this is the private part of the key-pair, do not store this in any public location. If you find it any publicly location, purge it and start again)
Add the following to your .bash_profile or .bashrc config files located at ~
cd ~
ssh-add -A
You may need system/user password
Now when you start terminal it will load all the key’s you’ve added. If keychain is not open it will prompt for your keychain passwords.
IMPORTANT:
There will be two files generated from ssh-keygen, your private key id_rsa* and your public key id_rsa*.pub. Make sure you only give the public key to the remote machine/service. If you accidentally reveal through ANY plaintext communication then burn it and run ssh-keygen to make a new one.
Setting up remote git/computer:
Copy the public key to clipboard:
pbcopy < ~/.ssh/id_rsa*.pub
and paste to remote computer/website.
Then test it using something like
ssh -T git@github.com
replace server username and address with whatever you are adding your ssh key to
Note: purge clipboard if it stores a history.
You now have a public/private key pair for secure communications. Use it for github or ssh into machines that you use very frequently. It is as secure as your local machine.
Some other things
To see what saved keys you have try
ssh-add -l
To delete all cached keys
ssh-add -D
|