I have various GitHub accounts and for each account I have SSH set up. So under ~/.ssh I have a public and private key for each account.
I want to use the GitHub CLI, but I am not sure how I can tell the CLI to use a particular SSH key.
In case it is relevant, this is what I get when I run ssh-add -l:
Example Scenario
I want to run gh repo create on GitHub account B, but for some reason, the repo got created on GitHub account A. Is there a way I can tell gh what account to use?
if you have different GitHub users the gh-cli won't be very effective. as #phd commands like gh repo create require logging in via an auth token. https://cli.github.com/manual/gh_auth_login
Switching contexts between accounts (i.e. github.com/user1 and github.com/user2) def doesn't seem supported so you'd have to hack around loging in and out each time every time you switched.
But configuring which ssh key git should use can be configured easily enough in some combo of ~/.ssh/config .gitconfig and/or setting the GIT_SSH_COMMAND env var before running git commands.
Related
So, I am new to the GitLab server. Now, what I want to achieve is this:
Allow access to repositories only on certain ssh-keys. There are a limited no of machines and a limited no of users, so if a user adds an ssh-key outside these sets of keys, the repo should not clone there. Because my team size is small, I am okay if I only add those public keys to the account.
I am fine with the idea of ssh access but currently, as an admin, I lose the freedom to conveniently track or choose which all ssh-keys can access my repo. Can I disable users from adding ssh keys?
Is there any other way to ensure this? Would instead of having ssh enabled access HTTPS with whitelisting IP-enabled access work?
GitLab was, in the beginning (2011) based upon gitolite, but switched to its own mechanism in 2013.
Nowadays, it is best to declare a GitLab project private and add users to said project: that way you won't have to manage SSH or HTTPS access: any user who is not part of that project won't be able to see it/clone it (HTTPS or SSH).
In other words, repository access is no longer based on SSH keys (not for years), but is based on project visibility.
The OP adds:
even if a user is part of a project, he should only be able to clone the project on certain remote machines.
That is not a Git or GitLab feature, which means you need:
to restrict Git protocols on GitLab to SSH only
change the gitlab-shell SSH forced command script in order to allow commands only coming from some IPs
There is access to group by IP address restriction feature, since GitLab 12.0 (June 2019), but... only in GitLab Ultimate (meaning: "not free").
I'm running a CI machine on AppCenter and need to allow read/write access to a private BitBucket repository but I can't figure out how to do this.
My approach is to create an ssh key and during CI builds add the private key to the machine ssh-agent using ssh-add -K (mac machine).
I've created an ssh key on my local computer (mac) using ssh-keygen and uploaded the .pub key to BitBucket. Then as my CI runs I'm trying to take the private key and add it to the ssh-agent but I'm being prompt to enter a password and can't figure out how to inject it in a non-interactive shell mode.
Is this the right approach to grant access to BitBucket in CI? if so, how can I add an ssh key without being prompt to enter a password?
Scripts are in Ruby or Bash.
The repo contains certificates used for Fastlane Match
Answering my own question...
I ended up using BitBucket AppPasword and cloning via https. I think there has to be a better way but this work for my needs at the moment.
I needed access from my CI to a private BitBucket certificates repo to use with Fastlane Match, the value in my MatchFile forgit_url that allows me to clone the repo is:
git_url "https://{BITBUCKET_USER}:{BITBUCKET_APP_PASSWORD}#bitbucket.org/{BITBUCKET_USER}/{REPO}.git"
You can obtain a bitbucket app password by clicking your profile (Avatar) -> Settings -> App Passwords
I am trying to avoid typing the password every time I want to pull or push from a gitlab repository. Therefore I followed https://docs.gitlab.com/ee/ssh/ but still, now every time I want to pull something it still asks me to provide the password for my remote gitlab repository.
Any clue on how to fix this issue?
Are you sure you are using the SSH link for your repository? It is like: git#gitlab.com:YOUR-USER/YOUR PROJECT.git
We use Vagrant boxes for development. For every project or small snippet we simply start a new box and provision it with Ansible. This is working fantastic; however, we do get into trouble when connecting to a private Bitbucket repository within a bower install run.
The solution we have now is to generate a new key (ssh-keygen), accept all defaults (pressing <return>, <return>, <return>) and then grab the public key (cat ~/.ssh/id_rsa.pub). Copy it, go to Bitbucket, view your account and add this new ssh key. And repeat for every new box you instantiate.
We have to do this because of some closed source packages (hosted on Bitbucket) we install via Bower. We do have another experience, which is much better: composer (php's package manager) and private Github repositories. With that setup, you have to enter your username/password/2fa token via the command line and an OAuth token is generated for you. This works great.
So, is there a way we can mitigate this bower/bitbucket/ssh issue? For obvious reasons I don't want to provision the boxes with a standard private key, but there has to be another solution?
While I'm not sure that my situation is as complex as yours (I'm not using Ansible or Bower), I solved this problem by using the Vagrant ssh forward agent. This blog post gives you the details on how to get it working:
Cloning from GitHub in Vagrant using SSH agent forwarding
So as long as each of the developers has access on their local machines to the bitbucket repos, it should work.
Although there is a number of questions on the topic, I'm not getting anywhere....
I need to access an existing repo on Github from an alternate machine and I'm having trouble setting it up.
So I have installed Github and ran:
git config global --user.name
git config global --user.email
git init
git clone git#github.com:user/repo.git
I'm getting Permisson Denied (publickey)
Which I guess is due to me not having provided my SSH key. I have the key here, but no clue, what to do.
Question:
How to do I supply the SSH key to be able to connect my 2nd PC to my git repo.
Thanks!
You need to register another ssh key with github for the second computer.
Go here and add another key. This page explains the process.
You can switch to https authentication if you don't want to generate another pair of key or transfer your existing one to the new box.
You will need to change your clone command to following: git clone https://github.com/user/repo.git
Their help section has a nice step-by-step guide to setting up your machin: https://help.github.com/articles/generating-ssh-keys#platform-all.
Specifically, see step 4 for instructions on how to import a new key.