#+TITLE: Creating a SSH-key for a new user
#+AUTHOR: Worg people
#+EMAIL: mdl AT imapmail DOT org
#+STARTUP: align fold nodlcheck hidestars oddeven lognotestate
#+SEQ_TODO: TODO(t) INPROGRESS(i) WAITING(w@) | DONE(d) CANCELED(c@)
#+TAGS: Write(w) Update(u) Fix(f) Check(c)
#+LANGUAGE: en
#+PRIORITIES: A C B
#+CATEGORY: worg
#+OPTIONS: H:3 num:nil toc:t \n:nil @:t ::t |:t ^:nil -:t f:t *:t TeX:t LaTeX:t skip:nil d:(HIDE) tags:not-in-toc
[[file:index.org][{Back to Worg's index}]]
To push commits to the Worg repository at https://code.orgmode.org/bzg/worg you
need to have a SSH key. What's that and how can you create one?
* Public and private keys
#+index: Public key
#+index: Private key
A /public key/ is like a door lock, and a /private key/ is like the
key. =Repo.or.cz= is asking you for the /public key/, that means, they
ask you to provide a lock, and they will install your lock in their
server. Then, with your /private key/ you will be able to open a
connection to the server.
Your /private key/ may be easy to use: just /have it/, and you can use
it to open the lock.
But suppose you lose it; then it's not secure anymore; any person which
has the key (which is a file) can connect to the server supplanting your
identity.
Therefore, at the computer we do that the /private key/ has a /password/
(also called "passphrase"). Then, you do not only need to possess the
key to open the lock; you also need to know how to use it (that means,
you must have the /public key/ *and* know the password).
So: *use a passphrase* for more security.
* Steps to create your private and public keys
#+index: ssh-keygen
1. Run =ssh-keygen= with no parameters. If you want to change the
encryption algorithm used, see [[RSA or DSA?][the section below]].
2. /Location of the key/: just press enter
3. /Passphrase of the key/: enter your new password; the one you will
type each time to be able to connect. You can have no password at
all, but it's not recommended; read the description at the
introduction to know why.
4. Now you have 2 new files:
- =id_rsa=: that's your new private key. Don't share it!
- =id_rsa.pub=: that's your new /public key/. You can distribute it.
- You will also see a /fingerprint/ (like =31:c0:5a:92:70:5e:91=... etc).
5. Look at the public key. If you don't like the user name which appears
at the end, re-run =ssh-keygen -C "comment that you want" =
* RSA or DSA?
#+index: RSA
#+index: DSA
You can decide if at the key creation you want to use the algorithm RSA or
the algorithm DSA.
If you know which one you like, you're lucky; use it!
If not, decide one; both will work.
By default, =ssh-keygen= uses RSA, but you can use =ssh-keygen -t dsa= to
use DSA.
* Appendice: How to use this key to create an account on =repo.or.cz=?
*Note*: this section was useful when worg.git was hosted on =repo.or.cz=
instead of =orgmode.org=, before december 2011. We leave it here, so that
it is useful for other project than Worg.
1. Copy and paste the /public/ key (the contents of =id_rsa.pub=) in the
text box in http://repo.or.cz/reguser.cgi
2. In "/login/", write the user name you want to have in this server
3. Write also your e-mail
4. Click the button "/Register/"
5. Now you must ask the administrator to give you "push"-access: to
allow you to upload contents to the project.
6. If you chose a user name for =repo.or.cz= that is different than your
login name, you might adjust the ssh client to use the user name for
=repo.or.cz= name when connecting.
This can be done by putting two lines like these in the file
=.ssh/config=:
#+begin_src conf
Host repo.or.cz
User
#+end_src
# ----------------------------
#
# Started at 11.12.2007 by Daniel Clemente. This text is in the public domain.