What is the proper way to generate, store, and configure an SSH public/private key pair for git repository usage on Assembla?

StackOverflow https://stackoverflow.com/questions/17758969

  •  03-06-2022

Question

I initialized a local git repository on my desktop running Linux Mint 13. To push to the repository on Assembla I need to have an ssh key.

I first try to generate a new key as such in the terminal:

$ ssh-keygen -t rsa

The response is:

Enter file in which to save the key (/home/ryan/.ssh/id_rsa):

I tried "gitrep". Then I get the following message.

Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 

I left them blank because they are optional as far as I know, but just for the record, adding a passphrase does not change the result. Then...

Your identification has been saved in gitrep.
Your public key has been saved in gitrep.pub.
The key fingerprint is:
da:80:b9:c5:cd:50:9c:1c:49:7f:b7:db:71:92:1e:6a ryan@ryan-MS-7309
The key's randomart image is:
+--[ RSA 2048]----+
|       +++       |
|       .=.       |
|      .   . . .  |
|     + +   . . o |
|    o + S     =..|
|     o +     o =o|
|    . . .   E o .|
|           .     |
|                 |
+-----------------+

Now, I navigate to home/ryan/.ssh/id_rsa; the folder is empty, but here's the strange thing. If I redo the above process again using the same file name for the key, it adds in:

gitrep already exists.
Overwrite (y/n)?

I do not understand what is going on.

The next part of my question is what I am supposed to do with this generated file. Do I leave it where it is? Do I copy information out of it to some place on Assembla?

I apologize in advance if I have asked the question in such a way as to not follow the actual process as I am not extremely familiar with the subject.

Solution

Since you are just entering gitrep, it's just saving it in your current directory (which is apparently your home directory, judging from your example above).

Check and see if ~/gitrep and ~/gitrep.pub exist. You'll need to copy the contents of the gitrep.pub file to the destination when it asks you for your public key.

Other tips

The original poster states (emphasis mine):

Then I get the following message.

Enter passphrase (empty for no passphrase):  
Enter same passphrase again:

I left them blank because they are optional as far as I know, but just for the record, adding a passphrase does not change the result.

I beg to differ. Adding a passphrase encrypts your private key, so that if someone manages to steal your private key file from your computer, they still can't read and use it without the passphrase that decrypts it.

You are right that adding a passphrase is optional, but it's still highly recommended.

To illustrate the difference, let's pretend that your un-encrypted private key file contents (without a passphrase) look like this (example adapted from Improving the security of your SSH private key files):

-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEArCQG213utzqE5YVjTVF5exGRCkE9OuM7LCp/FOuPdoHrFUXk
y2MQcwf29J3A4i8zxpES9RdSEU6iIEsow98wIi0x1/Lnfx6jG5Y0/iQsG1NRlNCC
aydGvGaC+PwwWiwYRc7PtBgV4KOAVXMZdMB5nFRaekQ1ksdH/360KCGgljPtzTNl
09e97QBwHFIZ3ea5Eih/HireTrRSnvF+ywmwuxX4ubDr0ZeSceuF2S5WLXH2+TV0
    ... etc ... lots of base64 blah blah ...
-----END RSA PRIVATE KEY-----

This value stored in your private key can be used to impersonate yourself to any 2nd party who you've given your public key to (in this case Assembla). It's basically as if a hacker had stolen the password to your account and used it to log in as you... in the SSH world, this is the equivalent of that.

Now, let's hypothetically say that if you had encrypted the same private key above with a passphrase, then the file contents would look like this (again adapted from Improving the security of your SSH private key files):

-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,D54228DB5838E32589695E83A22595C7

3+Mz0A4wqbMuyzrvBIHx1HNc2ZUZU2cPPRagDc3M+rv+XnGJ6PpThbOeMawz4Cbu
lQX/Ahbx+UadJZOFrTx8aEWyZoI0ltBh9O5+ODov+vc25Hia3jtayE51McVWwSXg
wYeg2L6U7iZBk78yg+sIKFVijxiWnpA7W2dj2B9QV0X3ILQPxbU/cRAVTd7AVrKT
    ... etc ...
-----END RSA PRIVATE KEY-----

Do you see how the contents look different from the un-encrypted file? This makes your private key useless to anyone who happens to steal it, unless they also happen to have the passphrase that decrypts it back to its unencrypted form.

This is the reason that GitHub gives for Why you need a passphrase for your private SSH key:

Passwords aren't very secure, you already know this. If you use one that's easy to remember, it's easier to guess or brute-force. If you use one that's random, it's hard to remember and thus you're more inclined to write the password down. Both of these are Very Bad Things™. This is why you're using ssh keys.

But using a key without a passphrase is basically the same as writing down that random password in a file on your computer. Anyone who gains access to your drive has gained access to every system you use that key with. This is also a Very Bad Thing™. The solution is obvious, add a passphrase.

In the same help article, they explain how to use the *nix utility ssh-agent to automatically store your passphrase during a terminal session so that you don't have to keep entering it every time you use your private key to make an SSH request.

When you are at this step:

"Enter file in which to save the key (/home/ryan/.ssh/id_rsa):"

You should just accept the default and save your key in your home directory (/home/ryan) in the .ssh folder as id_rsa. Then your public key will be located at /home/ryan/.ssh/id_rsa.pub <--- this key is the one you want to upload to your Assembla account.

Now that you have your ssh key stored in the default location, you will not have to do anything else to utilize it.

With it uploaded to your Assembla account, you will be able to then git clone:

git clone git@git.assembla.com:repo_name

When you answer "gitrep", you are saving the key to this file, in your current directory, I assume home dir (/home/ryan).

License: CC-BY-SA with attribution
Not affiliated with StackOverflow