SSH Key - MappingSystem/Tutorial-Buka-Toko GitHub Wiki
Lihat daftar key di GitHub
Lihat daftar key di local PC
$ ls -al ~/.ssh
- id_dsa.pub
- id_ecdsa.pub
- id_ed25519.pub
- id_rsa.pub
$ ssh -vT [email protected]
$ ssh-keygen -t rsa -b 4096 -f ~/.ssh/id_rsa -C "[email protected]"
$ ssh-keygen -t rsa -b 4096 -C "[email protected]"
Generating public/private rsa key pair.
Enter file in which to save the key (/home/chetabahana/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/chetabahana/.ssh/id_rsa.
Your public key has been saved in /home/chetabahana/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx [email protected]
The key's randomart image is:
+---[RSA 4096]----+
| ..=o.o ..o |
'''
$ ls -al ~/.ssh
total 104
drwx------ 2 chetabahana docker 4096 Mar 30 15:04 .
drwxr-xr-x 8 chetabahana docker 4096 Mar 30 05:37 ..
-rw------- 1 chetabahana docker 3326 Mar 30 15:04 id_rsa
-rw-r--r-- 1 chetabahana docker 747 Mar 30 15:04 id_rsa.pub
$ clip < ~/.ssh/id_rsa.pub
Jika ingin ubah passphrase
ssh-keygen -p
Copy dan masukkan id_rsa.pub ke GitHub lalu tes sbb
$ ssh -T [email protected]
Enter passphrase for key '/home/chetabahana/.ssh/id_rsa': xxxxxxxxx
Hi chetabahana! You've successfully authenticated, ......
Anda dapat mengamankan kunci SSH dan mengkonfigurasi SSH Agent otentikasi sehingga Anda tidak perlu memasukkan kembali passphrase Anda setiap kali menggunakan kunci SSH.
- Jika Anda pakai GitHub Desktop tidak perlu langkah ini, agent akan start otomatis.
- Jika pakai terminal lain ikuti cara Auto-launching ssh-agent.
$ eval $(ssh-agent -s)
Agent pid 5054
$ ssh-add ~/.ssh/id_rsa
Enter passphrase for /home/chetabahana/.ssh/id_rsa: xxxxxxxxx
Identity added: /home/chetabahana/.ssh/id_rsa (/home/chetabahana/.ssh/id_rsa)
$ ssh-add -l
SHA256:xefGz0.../wmtCvyIVLdqNtJOGX..... /home/chetabahana/.ssh/id_rsa (RSA)
$ ssh -T [email protected]
Hi chetabahana! You've successfully authenticated,
#!/usr/bin/expect -f
spawn ssh-add /home/chetabahana/.ssh/id_rsa
expect "Enter passphrase for /home/chetabahana/.ssh/id_rsa:"
send "[passphrase]\n";
expect "Identity added: /home/chetabahana/.ssh/id_rsa (/home/chetabahana/.ssh/id_rsa)"
interact
instal expect
$ sudo apt-get --assume-yes install expect
$ expect ~/.ssh/agent
Agent pid 5516
spawn ssh-add /home/chetabahana/.ssh/id_rsa
Enter passphrase for /home/chetabahana/.ssh/id_rsa:
Identity added: /home/chetabahana/.ssh/id_rsa (/home/chetabahana/.ssh/id_rsa)
Jika masih belum bisa koneksi coba langkah berikut
- Buka Control Panel dari menu Start
- Pilih Akun Pengguna
- Pilih "Kelola kredensial Anda" di menu sebelah kiri
- Hapus kredensial yang terkait dengan Git atau GitHub
- Kemudian ulangi dari awal lagi..
- Jika Anda pakai Build configuration overview.
cloudbuild.yaml
- name: "gcr.io/cloud-builders/gcloud"
args: ["compute", "ssh", "${_USER_NAME}@${_INSTANCE_NAME}", "--zone", "${_ZONE}",
"--command", "pwd"]
- name: 'gcr.io/cloud-builders/gsutil'
args: ["cp", "-rPv", "/builder/home/.ssh", "gs://${_BUCKET_NAME}/builder/"]
substitutions:
_ZONE: us-central1-c
_USER_NAME: chetabahana # default value
_BUCKET_NAME: appspot.chetabahana.com
_INSTANCE_NAME: backend # default value
_DOCKER_DIRECTORY: /home/chetabahana/.docker # default value
Starting Step #1
Step #1: Already have image (with digest): gcr.io/cloud-builders/gcloud
Step #1: WARNING: The public SSH key file for gcloud does not exist.
Step #1: WARNING: The private SSH key file for gcloud does not exist.
Step #1: WARNING: You do not have an SSH key for gcloud.
Step #1: WARNING: SSH keygen will be executed to generate a key.
Step #1: This tool needs to create the directory [/builder/home/.ssh] before
Step #1: being able to generate SSH keys.
Step #1:
Step #1: Do you want to continue (Y/n)?
Step #1: Generating public/private rsa key pair.
Step #1: Your identification has been saved in /builder/home/.ssh/google_compute_engine.
Step #1: Your public key has been saved in /builder/home/.ssh/google_compute_engine.pub.
Step #1: The key fingerprint is:
Step #1: SHA256:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX root@XXXXXXXXXX
Step #1: The key's randomart image is:
Step #1: +---[RSA 2048]----+
Step #1: | .+X .++|
Step #1: | .o.oo=+|
Step #1: | o o .=E|
Step #1: | . . = +.+|
Step #1: | x S + .o =.|
Step #1: | * + . .. + =|
Step #1: | o O = . o.|
Step #1: | X B |
Step #1: | .x B . |
Step #1: +----[SHA256]-----+
Step #1: Updating project ssh metadata...
Step #1: ...............................................................................
..............Updated [https://www.googleapis.com/compute/v1/projects/chetabahana].
Step #1: .done.
Step #1: Waiting for SSH key to propagate.
Step #1: Warning: Permanently added 'compute.XXXX' (ECDSA) to the list of known hosts.
Step #1: /home/chetabahana
Finished Step #1
Starting Step #2
Step #2: Already have image (with digest): gcr.io/cloud-builders/gsutil
Step #2: Copying file:///builder/home/.ssh/google_compute_known_hosts \
[Content-Type=application/octet-stream]...
Step #2: / [0 files][ 0.0 B/ 222.0 B]
/ [1 files][ 222.0 B/ 222.0 B]
Created: gs://appspot.chetabahana.com/builder/.ssh/
google_compute_known_hosts#1555082519040128
Step #2: Copying file:///builder/home/.ssh/google_compute_engine \
[Content-Type=application/octet-stream]...
Step #2: / [1 files][ 222.0 B/ 1.9 KiB]
/ [2 files][ 1.9 KiB/ 1.9 KiB]
Created: gs://appspot.chetabahana.com/builder/.ssh/
google_compute_engine#1555082519405651
Step #2: Copying file:///builder/.ssh/google_compute_engine.pub
[Content-Type=application/octet-stream]...
Step #2: - [2 files][ 1.9 KiB/ 2.2 KiB]
- [3 files][ 2.2 KiB/ 2.2 KiB]
Created: gs://appspot.chetabahana.com/builder/.ssh/
google_compute_engine.pub#1555082519727233
Step #2: Operation completed over 3 objects/2.2 KiB.
Finished Step #2
PUSH
DONE
$ gsutil ls gs://appspot.chetabahana.com/builder/.ssh/
gs://appspot.chetabahana.com/builder/.ssh/google_compute_engine
gs://appspot.chetabahana.com/builder/.ssh/google_compute_engine.pub
gs://appspot.chetabahana.com/builder/.ssh/google_compute_known_hosts
$ gsutil ls -alR gs://appspot.chetabahana.com/builder/.ssh/
gs://appspot.chetabahana.com/builder/.ssh/:
1675 2019-04-12T15:21:59Z gs://appspot.chetabahana.com/builder/.ssh/
google_compute_engine#1555082519405651 metageneration=1
399 2019-04-12T15:21:59Z gs://appspot.chetabahana.com/builder/.ssh/
google_compute_engine.pub#1555082519727233 metageneration=1
222 2019-04-12T15:21:59Z gs://appspot.chetabahana.com/builder/.ssh/
google_compute_known_hosts#1555082519040128 metageneration=1
TOTAL: 3 objects, 2296 bytes (2.24 KiB)
cloudbuild.yaml
steps:
- name: "gcr.io/cloud-builders/gsutil"
args: ["cp", "-rv", "gs://${_BUCKET_NAME}/builder/.ssh", "/builder/home/"]
- name: "gcr.io/cloud-builders/gcloud"
args: ["compute", "ssh", "${_USER_NAME}@${_INSTANCE_NAME}", "--zone", "${_ZONE}",
"--command", "pwd"]
substitutions:
_ZONE: us-central1-c
_USER_NAME: chetabahana # default value
_BUCKET_NAME: appspot.chetabahana.com
_INSTANCE_NAME: backend # default value
_DOCKER_DIRECTORY: /home/chetabahana/.docker # default value
timeout: "1800s"
Starting Step #0
Step #0: Already have image (with digest): gcr.io/cloud-builders/gsutil
Step #0: Copying gs://appspot.chetabahana.com/builder/.ssh/google_compute_engine...
Step #0: / [0 files][ 0.0 B/ 1.6 KiB]
/ [1 files][ 1.6 KiB/ 1.6 KiB]
Created: file:///builder/home/.ssh/google_compute_engine
Step #0: Copying gs://appspot.chetabahana.com/builder/.ssh/google_compute_engine.pub
Step #0: / [1 files][ 1.6 KiB/ 2.0 KiB]
/ [2 files][ 2.0 KiB/ 2.0 KiB]
Created: file:///builder/home/.ssh/google_compute_engine.pub
Step #0: Copying gs://appspot.chetabahana.com/builder/.ssh/google_compute_known_hosts
Step #0: / [2 files][ 2.0 KiB/ 2.2 KiB]
-
- [3 files][ 2.2 KiB/ 2.2 KiB]
Created: file:///builder/home/.ssh/google_compute_known_hosts
Step #0:
Step #0: Operation completed over 3 objects/2.2 KiB.
Finished Step #0
Starting Step #1
Step #1: Already have image (with digest): gcr.io/cloud-builders/gcloud
Step #1: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Step #1: @ WARNING: UNPROTECTED PRIVATE KEY FILE! @
Step #1: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Step #1: Permissions 0644 for '/builder/home/.ssh/google_compute_engine' are too open.
Step #1: It is required that your private key files are NOT accessible by others.
Step #1: This private key will be ignored.
Step #1: Load key "/builder/home/.ssh/google_compute_engine": bad permissions
Step #1: Permission denied (publickey).
Step #1: ERROR: (gcloud.compute.ssh) [/usr/bin/ssh] exited with return code [255].
Finished Step #1
ERROR
ERROR: build step 1 "gcr.io/cloud-builders/gcloud" failed: exit status 255
$ gsutil cp --help
-P Menyebabkan atribut POSIX yang akan dipertahankan ketika objek berada
disalin. Dengan fitur ini diaktifkan, gsutil cp akan menyalin bidang
disediakan oleh stat. Ini adalah ID pengguna pemilik, grup
ID grup pemilik, mode (izin) file, dan
waktu akses / modifikasi file. Untuk unduhan, ini
atribut hanya akan ditetapkan jika objek sumber diunggah
dengan bendera ini diaktifkan.
Pada Windows, flag ini hanya akan mengatur dan mengembalikan waktu
akses dan modifikasi. Ini karena Windows tidak memiliki
Gagasan POSIX uid / gid / mode.
-R, -r Opsi -R dan -r identik.
Penyebab direktori,
bucket, dan subdirektori bucket untuk disalin secara rekursif.
Jika Anda lalai untuk menggunakan opsi ini untuk mengunggah, gsutil
akan melakukannya salin semua file yang ditemukannya dan lewati
direktori mana pun. Demikian pula,
lalai menentukan opsi untuk unduhan akan menyebabkan
gsutil untuk menyalin objek apa pun di direktori bucket saat ini
tingkatkan, dan lewati setiap subdirektori.
$ mkdir dummy
$ export BOTO_CONFIG=/dev/null
$ export BUCKET_NAME=appspot.chetabahana.com
$ gsutil cp -rv gs://${BUCKET_NAME}/builder/.ssh dummy
$ chmod 400 dummy/.ssh/*
$ gsutil cp -rPv dummy/.ssh gs://${BUCKET_NAME}/builder
Copying file://dummy/.ssh/google_compute_known_hosts [Content-Type=application/octet-stream]...
Created: gs://appspot.chetabahana.com/builder/.ssh/google_compute_known_hosts#1557034548447582
Copying file://dummy/.ssh/google_compute_engine.ppk [Content-Type=application/octet-stream]...
Created: gs://appspot.chetabahana.com/builder/.ssh/google_compute_engine.ppk#1557034548618063
Copying file://dummy/.ssh/google_compute_engine [Content-Type=application/octet-stream]...
Created: gs://appspot.chetabahana.com/builder/.ssh/google_compute_engine#1557034548912606
Copying file://dummy/.ssh/google_compute_engine.pub [Content-Type=application/octet-stream]...
Created: gs://appspot.chetabahana.com/builder/.ssh/google_compute_engine.pub#1557034549362622
Operation completed over 4 objects/3.7 KiB.
$ rm -rf dummy
Starting Step #0
Step #0: Already have image (with digest): gcr.io/cloud-builders/gsutil
Step #0: Copying gs://appspot.chetabahana.com/builder/.ssh/google_compute_engine...
Step #0: / [0 files][ 0.0 B/ 1.6 KiB]
/ [1 files][ 1.6 KiB/ 1.6 KiB]
Created: file:///builder/home/.ssh/google_compute_engine
Step #0: Copying gs://appspot.chetabahana.com/builder/.ssh/google_compute_engine.pub
Step #0: / [1 files][ 1.6 KiB/ 2.0 KiB]
/ [2 files][ 2.0 KiB/ 2.0 KiB]
Created: file:///builder/home/.ssh/google_compute_engine.pub
Step #0: Copying gs://appspot.chetabahana.com/builder/.ssh/google_compute_known_hosts
Step #0: / [2 files][ 2.0 KiB/ 2.2 KiB]
/ [3 files][ 2.2 KiB/ 2.2 KiB]
Created: file:///builder/home/.ssh/google_compute_known_hosts
Step #0: Operation completed over 3 objects/2.2 KiB.
Finished Step #0
Starting Step #1
Step #1: Already have image (with digest): gcr.io/cloud-builders/gcloud
Step #1: /home/chetabahana
Finished Step #1
PUSH
DONE
- https://console.cloud.google.com/compute/metadata/sshKeys
- https://cloud.google.com/compute/docs/instances/connecting-to-instance
- https://cloud.google.com/compute/docs/instances/adding-removing-ssh-keys