worg-git-ssh-key.org 3.8 KB

#+TITLE: Creating a SSH-key for a new user #+AUTHOR: Worg people #+EMAIL: mdl AT imapmail DOT org #+STARTUP: align fold nodlcheck hidestars oddeven lognotestate #+SEQ_TODO: TODO(t) INPROGRESS(i) WAITING(w@) | DONE(d) CANCELED(c@) #+TAGS: Write(w) Update(u) Fix(f) Check(c) #+LANGUAGE: en #+PRIORITIES: A C B #+CATEGORY: worg #+OPTIONS: H:3 num:nil toc:t \n:nil @:t ::t |:t ^:nil -:t f:t *:t TeX:t LaTeX:t skip:nil d:(HIDE) tags:not-in-toc [[file:index.org][{Back to Worg's index}]] To push commits to the Worg repository at https://code.orgmode.org/bzg/worg you need to have a SSH key. What's that and how can you create one? * Public and private keys #+index: Public key #+index: Private key A /public key/ is like a door lock, and a /private key/ is like the key. =Repo.or.cz= is asking you for the /public key/, that means, they ask you to provide a lock, and they will install your lock in their server. Then, with your /private key/ you will be able to open a connection to the server. Your /private key/ may be easy to use: just /have it/, and you can use it to open the lock. But suppose you lose it; then it's not secure anymore; any person which has the key (which is a file) can connect to the server supplanting your identity. Therefore, at the computer we do that the /private key/ has a /password/ (also called "passphrase"). Then, you do not only need to possess the key to open the lock; you also need to know how to use it (that means, you must have the /public key/ *and* know the password). So: *use a passphrase* for more security. * Steps to create your private and public keys #+index: ssh-keygen 1. Run =ssh-keygen= with no parameters. If you want to change the encryption algorithm used, see [[RSA or DSA?][the section below]]. 2. /Location of the key/: just press enter 3. /Passphrase of the key/: enter your new password; the one you will type each time to be able to connect. You can have no password at all, but it's not recommended; read the description at the introduction to know why. 4. Now you have 2 new files: - =id_rsa=: that's your new private key. Don't share it! - =id_rsa.pub=: that's your new /public key/. You can distribute it. - You will also see a /fingerprint/ (like =31:c0:5a:92:70:5e:91=... etc). 5. Look at the public key. If you don't like the user name which appears at the end, re-run =ssh-keygen -C "comment that you want" = * RSA or DSA? #+index: RSA #+index: DSA You can decide if at the key creation you want to use the algorithm RSA or the algorithm DSA. If you know which one you like, you're lucky; use it! If not, decide one; both will work. By default, =ssh-keygen= uses RSA, but you can use =ssh-keygen -t dsa= to use DSA. * Appendice: How to use this key to create an account on =repo.or.cz=? *Note*: this section was useful when worg.git was hosted on =repo.or.cz= instead of =orgmode.org=, before december 2011. We leave it here, so that it is useful for other project than Worg. 1. Copy and paste the /public/ key (the contents of =id_rsa.pub=) in the text box in http://repo.or.cz/reguser.cgi 2. In "/login/", write the user name you want to have in this server 3. Write also your e-mail 4. Click the button "/Register/" 5. Now you must ask the administrator to give you "push"-access: to allow you to upload contents to the project. 6. If you chose a user name for =repo.or.cz= that is different than your login name, you might adjust the ssh client to use the user name for =repo.or.cz= name when connecting. This can be done by putting two lines like these in the file =.ssh/config=: #+begin_src conf Host repo.or.cz User #+end_src # ---------------------------- # # Started at 11.12.2007 by Daniel Clemente. This text is in the public domain.