Web lists-archives.com

Re: egit and RSA keys for SSH




Aaron Hicks <HicksA@xxxxxxxxxxxxxxxxxxxxxx> wrote:
> We have a git repository set up with gitosis and it requires RSA
> keys to authenticate developers who have rights to push to this
> repository. i.e. they are blessed with write privileges. Github
> uses a similar method.
> 
> We use Eclipse, so we would like Eclipse to integrate with Git. So
> we grabbed egit from http://www.jgit.org/update-site and used the
> Eclipse installer (Like we do all the other Eclipse plug-in, given
> that the egit/jgit sites don't give instructions otherwise it seems
> to be the thing to do).
> 
> The problem is I can't see how to associate an RSA key in order
> to authenticate the SSH login with our gitosis repository (or
> GitHub). We have PuTTY installed and use Pageant to manage keys, and
> the required key is already loaded.

Unfortunately both PuTTY's Pageant and OpenSSH's ssh-agent are
not supported from JSch, which is the SSH client used within JGit,
which is what is underneath EGit.  Consequently, you can't use the
agent to manage your keys.

>From within Eclipse, if you go to Window > Preferences > General >
Network Connections > SSH2 you can configure your RSA keys.  But,
these keys are configured globally for the workspace, i.e. its
more like loading the key into the agent than it is about binding
a particular key to a particular host.

To force binding a key to a host, use ~/.ssh/config.  JGit knows
how to read this file on startup and uses the Host blocks to do
some configuration control over the connection.

E.g. if you use a URL like "git@xxxxxxxxxxxxxxxxxxxxx:foo.git"
then you can put the following in your ~/.ssh/config to force using
a specific SSH key:

  Host gitserver.example.com
    IdentityFile .ssh/id_gitkey

Note that ~/.ssh/config is cached on startup of EGit, so you'll
need to completely restart the Eclipse workspace after making any
changes to it.

-- 
Shawn.
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html