Git SSH setup notes - Oliver-Mustoe/Oliver-Mustoe-Tech-Journal GitHub Wiki
On this page I detail how I configured git on a few different machines, configured my local repositories, and worked with ssh (creating a script).
Notes
Git: Linux Setup
(NOTE: any instance of (BOLD) in this section near code indicates a different command to run on web-01. It is included with this setup since the steps are about the same except for that one command.)
First I installed git on docker01 with the command:
- sudo apt install git (sudo yum install git)
Then I cloned my GitHub repository with the command (my repository is public; if it were private, a different process would be required):
- sudo git clone https://github.com/Oliver-Mustoe/Oliver-Mustoe-Tech-Journal
From here I can use the commands outlined in the section "Pushing/Pulling with git" if I wished to modify the repository or sync my local and remote repositories.
Git: Windows Setup
First I downloaded the 64-bit version of the git installer from here, link, and opened the installer.
In the installer I left everything default except for changing the default editor to notepad (for ease of use).
I then opened "Git Bash" and ran the command to clone my repository:
(NOTE: This will pop up a page that asks for GitHub credentials. This is normal, and you should enter the credentials for the account.)
From here I can use the commands outlined in the section "Pushing/Pulling with git" if I wished to modify the repository or sync my local and remote repositories.
Pushing/Pulling with git
NOTE: Everything in an instance of "()" in this section is NOT code but asking you to insert your own information that it requires, such as a name of a file.
First I would generate a personal access token, link to website, by clicking "Generate new token" > adding a note > setting an expiration date > selecting the scopes of what this token should be able to do, hint: look at the descriptions > click "Generate token" > copy the token.
I then would edit the repo directory in some way. Afterwards I would run the following command to add the edited files to a queue to be pushed to the remote repository:
- git add (ADD EDITED FILE/S HERE, USING "." WILL ADD EVERYTHING IN YOUR CURRENT DIRECTORY)
Then I would commit these changes with a comment telling what I was changing them for with the command:
- git commit -m "(ADD COMMENTS HERE)"
Finally I would push the edits to the remote repository with the command:
- git push
It will then ask for my username, including the "-", then it would ask for my password, where I would copy and paste my personal access token into the field. If I am using PuTTY then I can right click into the terminal window and it will paste what I have copied.
On any other machines that I have the same local repository on, I will run the following command to update my local repository to match the remote repository:
- git pull
I can also use the following command if my local and remote repos get desynced but there have not been any changes made to the local that I wish to push to the remote, essentially setting local and remote to be the same:
- git checkout
SSH
First, on the machine I wished to SSH FROM, I created an RSA key pair with the following command (the "-C" indicates a comment):
- ssh-keygen -t rsa -C "sys265"
I then saved the file to the default location and did NOT enter a password (just press enter).
Then I created the following directory structure in my local repo: linux/public-keys
I then copied my public key to the newly created directory > sent it to the remote repo, look in "Pushing/Pulling with git", > changed to the computer I wish to SSH INTO and pulled the newly made key.
Then I ran the following code to create a user that can be SSH'd into without a password:
#!/bin/bash
#secure.ssh.sh
#Author: oliver
#Creates a new ssh user
#Adds a public key from the local repo

# Prompts the user for a username ("read -p" is a bash feature, so the script runs under bash)
read -r -p "Please enter your desired username here: " USERNAME

# Stop on an empty name or one that would alter the paths and options built below
case "$USERNAME" in
    ""|-*|.*|*[!A-Za-z0-9._-]*)
        echo "Invalid username, nothing was changed" >&2
        exit 1
        ;;
esac

# Looks up the username to see if there is an entry, variable will be empty if an entry does not exist
USER_CHECK=$(sudo getent passwd "$USERNAME")

# See if the name does not have an entry, if it does skips the user creation part.
if [ -z "$USER_CHECK" ]
then
    # Create the user and its dependencies (stop here if creation fails)
    sudo useradd -m -d "/home/$USERNAME" -s /bin/bash "$USERNAME" || exit 1
else
    echo "$USERNAME already exists, skipping user creation"
fi

# Make a directory for ssh ("-p" so if it already exists skip)
sudo mkdir -p "/home/$USERNAME/.ssh"

# Copy over the id_rsa.pub key (overwrites each time, but if this key is changed then this is beneficial and needed)
sudo cp ~/Oliver-Mustoe-Tech-Journal/SYS265/linux/public-keys/id_rsa.pub "/home/$USERNAME/.ssh/authorized_keys"

# Adds appropriate permissions
sudo chmod 700 "/home/$USERNAME/.ssh"
sudo chmod 600 "/home/$USERNAME/.ssh/authorized_keys"

# Changes the owner and group
sudo chown -R "$USERNAME:$USERNAME" "/home/$USERNAME/.ssh"

# Send a message that the process is complete!!!
echo "Done :)"

#Sources:
#https://www.cyberciti.biz/faq/linux-check-existing-groups-users/
#https://www.cyberciti.biz/faq/unix-linux-bash-script-check-if-variable-is-empty/
#https://www.tutorialspoint.com/unix/unix-using-variables.htm
#https://stackoverflow.com/questions/5615717/how-can-i-store-a-command-in-a-variable-in-a-shell-script
#https://stackoverflow.com/questions/4651437/how-do-i-set-a-variable-to-the-output-of-a-command-in-bash
#https://stackoverflow.com/questions/26600326/how-to-restart-some-progress-which-is-stopped-by-ctrlz
#https://superuser.com/questions/118781/copy-files-in-linux-avoid-the-copy-if-files-do-exist-in-destination
#https://pubs.opengroup.org/onlinepubs/009695399/utilities/mkdir.html
Can also be found here: secure-ssh.sh
Finally I tested and was able to SSH into the computer from the desired host computer.
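The steps above publish a key file from linux/public-keys to the remote repository and then rely on the 700/600 modes the script sets. The check below is an added example, not part of the author's secure-ssh.sh: it refuses a file that holds private-key material or malformed lines and confirms the modes on a .ssh directory. The function names are hypothetical and the sample key lines are constructed.

```shell
#!/bin/sh
# Added example; not part of secure-ssh.sh. Function names are hypothetical.

# Return 0 only if FILE contains public-key lines and no private-key material.
is_public_key_file() {
    [ -s "$1" ] || return 1                  # missing or empty file
    if grep -q 'PRIVATE KEY' "$1"; then      # PEM / OpenSSH private-key marker
        return 1
    fi
    # Each non-blank, non-comment line must be "<key-type> <base64> [comment]".
    awk 'NF == 0 || /^#/ { next }
         $1 !~ "^(ssh-rsa|ssh-ed25519|ecdsa-sha2-nistp(256|384|521))$" { bad = 1 }
         $2 !~ "^[A-Za-z0-9+/]+=*$" { bad = 1 }
         END { exit bad + 0 }' "$1"
}

# Return 0 only if DIR is mode 700 and DIR/authorized_keys is a regular
# file of mode 600, the modes secure-ssh.sh applies.
ssh_perms_ok() {
    [ "$(ls -ld "$1" 2>/dev/null | cut -c1-10)" = "drwx------" ] || return 1
    [ "$(ls -ld "$1/authorized_keys" 2>/dev/null | cut -c1-10)" = "-rw-------" ]
}

# Demo on constructed sample data in a throwaway directory.
demo() {
    tmp=$(mktemp -d) || return 1
    mkdir "$tmp/.ssh"
    # Constructed, truncated sample line; not a usable key.
    echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC7 sys265' > "$tmp/id_rsa.pub"
    # Constructed stand-in for a private key file (header line only).
    printf '%s\n' '-----BEGIN OPENSSH PRIVATE KEY-----' > "$tmp/id_rsa"
    cp "$tmp/id_rsa.pub" "$tmp/.ssh/authorized_keys"
    chmod 700 "$tmp/.ssh"
    chmod 600 "$tmp/.ssh/authorized_keys"
    for f in id_rsa.pub id_rsa; do
        if is_public_key_file "$tmp/$f"; then
            echo "$f: ok to publish"
        else
            echo "$f: REFUSED"
        fi
    done
    if ssh_perms_ok "$tmp/.ssh"; then echo ".ssh modes: ok"; fi
    rm -rf "$tmp"
}
demo
```

Run `is_public_key_file` on the file in linux/public-keys before `git add`, and `ssh_perms_ok` on the new user's .ssh directory (with sudo if needed) after the script finishes.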
Sources
The sources used for the script are included with it.
https://git-scm.com/download/linux
https://git-scm.com/docs/git-checkout
https://www.howtouselinux.com/post/setup-ssh-keys-to-login-linux-without-password