Jul 20, 2019 Welcome to my first official guide on Dev.to. Today I want to explain how you can setup SSH and Git on your Windows 10 computer. Note: This is not about 100% securing your keys but about how to generate keys for use with GitHub. Thanks to garethdd for his constructive feedback. Creating an SSH key on Windows 1. Check for existing SSH keys. You should check for existing SSH keys on your local computer. You can use an existing SSH key with Bitbucket Server if you want, in which case you can go straight to either SSH user keys for personal use or SSH access keys for system use. Open a command prompt, and run. Jul 25, 2019 How to generate SSH keys for Git authorization Windows. Open file yourhomedirectory/.ssh/idrsa.pub with your favorite text editor. Open the file you’ve just created /.ssh/idrsa.pub with your favorite text editor. Linux (Ubuntu) Be sure that you don’t copy any whitespace while. Generating a new SSH key. Open Terminal Terminal Git Bash the terminal. Paste the text below, substituting in your GitHub Enterprise email address. $ ssh-keygen -t rsa -b 4096 -C ' [email protected] '. When you're prompted to 'Enter a file in which to save the key.
Setting up Git can be tricky on Windows compared to Linux or Mac, but if you follow the steps in this guide, you should have no problems using Git on Windows. We’ve done the hard work and chosen between the multiple options at key steps to help make things easier for you. This guide will take you through the steps to install and configure Git and connect it to remote repositories to clone, push, and pull. If you don’t have one already, create a Beanstalk account.
Choosing a Git distribution
There are two competing Git packages for Windows: a Cygwin-based Git and a version called msysGit. We will describe how to install the msysGit package. We recommend installing msysGit because we’ve found it’s easier to work with than the Cygwin based installation.
Installing Git
Once you have downloaded the msysGit executable, double click on it to start the installation wizard. Leave the default directory options. When you get to the “Adjusting your Path environment” setting, select the “Run Git from the Windows Command Prompt” option. Choosing this option will make it easy for you to run Git commands from the Windows Command Prompt (command line) if you choose. Command Prompt is a simple tool, where you can run commands, switch through folders, manage files and it can be ran by selecting Run… in Start menu, and executing
cmd command.
You will notice that for the rest of this article we will use Git Bash for running Git commands. The Git Bash tool works in the same way as the default Windows’ Command Prompt, but has some special features. With Git Bash you’ll be able to use a number of UNIX command line tools along with access to Git, and we recommend it since it’s often simpler to use than the Windows Command Prompt.
You can run it by right clicking your mouse on the desktop, and selecting Git Bash from pop up window.
When you reach the step “Configuring the line ending conversions”, make sure to leave the option “Checkout Windows-style, commit Unix-style line endings” selected. This option makes sure that Git converts LF to CRLF when checking out text files. When committing text files, CRLF will also be converted to LF. This is a compatibility measure to protect newlines in text files, allowing you to easily work with text files on Windows and on Unix-style platforms.
Important note: The most common problems when setting up Git on Windows are related to SSH keys. Git uses SSH keys to securely access your repositories, and in Windows SSH keys are often searched on the wrong path when you try to use Git.
If you use an older version of msysGit, you may encounter a step called “Choosing the SSH executables”. If you encounter that dialog, we recommend that you choose the “Use OpenSSH” option.
After you have successfully installed Git on Windows, you’ll need to provide secure communication with your Git repositories by creating and installing SSH keys.
Installing SSH keys on Windows
To access your Git repositories you will need to create and install SSH keys. You can do this in two ways:
OpenSSH and PuTTY are free implementations of Telnet and SSH for Windows. They encrypt all traffic and provide secure communication with your remote Git repositories by using SSH keys.
We recommend OpenSSH over PuTTY, and it’s installed with your Git copy. PuTTY is recommended only for advanced users who are already familiar with how Git with SSH keys work.
Using OpenSSH and generating SSH keys with ssh-keygen
To communicate with the remote Git repository in your Beanstalk account from your Windows computer, you will need to generate an SSH key pair for that computer. This process requires only a few steps, but you do first need to install msysGit using the full installer as described above.
Generating a key pair
To do this you need to run Git Bash, which can be found in your Start menu. Run the command:
It will ask for location and pass phrase. Accept the default location (usually
C:Documents and Settingsusername.ssh or C:Usersusername.ssh ) by pressing Enter. After that, make sure to set a strong pass phrase for the key.
Now that the keys are generated, open the file
id_rsa.pub (found in the default location from the previous step) with a text editor. The contents of this file is your new public key. If you copy it to your clipboard, you can add it to your Beanstalk profile (under the Profile and Settings → Keys= section).
Your SSH public key should look something like this:
In your Beanstalk account, SSH key would look like this:
After you have setup the SSH key on Beanstalk, you should be able to check a connection and then push or pull with your remote Git repository. In case you have trouble with SSH keys check $HOME path in your Windows operating system. Some other software can change HOME or HOME_PATH environment variable to point to different location, instead of your real home (Documents and Settings) directory.
![]() Checking your connection
Before trying to access your Beanstalk repository, check if the connection to your remote repository works. In order to do that, run Git Bash, and enter this command, replacing accountname with your account name:
In this case, this is the URL to access Git on your Beanstalk account. If you are using another version control hosting service, the URL would be provided by them.
When authenticating or later when trying to connect to Git repository most likely you will encounter a message that looks like this:
You can type
yes and press Enter, which will add your account’s hostname accountname.beanstalkapp.com to a known_hosts file. This step won’t need to be repeated later, unless your public key or your account names changes.
If you were authenticated correctly, you will see a message similar to this one:
You can now continue to configure your local Git profile.
In case you have installed TortoiseGIT
If you have ever installed TortoiseGit on the computer you’re setting up your keys on, you may encounter problems. TortiseGit creates an environment variable that configures Plink as your SSH keystore, which may conflict when you try to use Git and SSH. No matter how you change your config or uninstall TortoiseGit, that environment variable persists and until you delete it, Git will not look to your regular
.ssh directory to find the proper key.
In our case environment variable looked like this: GIT_SSH=c:Program FilesPuttyplink.exe. Environment variables can be found here:
Having problems connecting to your Git repository on Windows 7?
Our users have reported problems when generating SSH keys on Windows 7 systems. If that happens for you, try generating your SSH keys on Windows XP if possible. After generating the private and public keys (following the steps to generate keys are provided above in the Generating a key pair chapter), copy the files to default SSH keys location in Windows 7 (usually
C:Documents and Settingsusername.ssh or C:Usersusername.ssh ).
Alternative to OpenSSH — using PuTTY to access your Git repository
Installing Git and using PuTTY to connect to your Git repository can be troublesome, so we recommend that you use the OpenSSH method which we described in the steps above. Using OpenSSH is simple and straightforward, but if OpenSSH is not an option, or for some other reason you prefer to use PuTTY to connect to your repositories, here is a step by step guide on how to do so.
Like OpenSSH, you will generate SSH keys and use them to communicate with your remote Git repositories, only now you will use PuTTY’s tools for generating, storing, and using the keys.
Installing PuTTY
You can download the PuTTY installation package and run it. The latest installation package at the moment of writing this article is putty-0.60-installer.exe which can be found under “A Windows installer for everything except PuTTYtel” heading.
Install PuTTY to the default recommended location, typically
c:Program FilesPuTTY . Once installed, navigate to the installation folder where you will find:
You will also find some other files, but for this guide you only need to know about plink, puttygen, pageant and putty.
Adding GIT_SSH variable to environment
After you have installed PuTTY package, you’ll need to add a GIT_SSH variable to your environment variables which should point to the plink.exe file (including its entire path). Accepting our defaults from above, this will likely be: GIT_SSH=c:Program FilesPuttyplink.exe
Environment variables can be found and created/edited here, depending on your version of Windows:
Generating SSH key with puttygen
After setting up the environment variable, you need to generate and save SSH keys with puttygen. Run puttygen.exe, which will allow you to generate a SSH-2 RSA public/private keypair. Once generated, save the public and private keys to a folder of your preference, just make sure to note the folder where the keys are shared. Easiest way to remember which is the private/public key is to name them
private and public so you can distinguish them later.
Before leaving puttygen, copy the public key to your clipboard and paste it into your version control hosting account (in Beanstalk, under the Profile and Settings → Keys section).
Please note that when you generate a key with puttygen, the public key that you copy from puttygen and the public key you save to a file for later use are not in the same format. You can see on the picture below that the public key was saved with new lines and without the “ssh-rsa” keyword. In order to copy and paste the public key to Beanstalk, you need to copy it in the same format as it was when it was generated by puttygen. That format should be: “ssh-rsa keycodegenerated”. All you need to do is modify your key in an editor like Notepad, and then add it to Beanstalk.
Adding your private key to pageant
After you have generated the SSH keypair, you need to add the SSH private key to pageant, PuTTY’s key management tool. First, run pageant, which can be found in the directory where you have installed PuTTY package (remember, by default:
c:Program FilesPuTTY ). You will see a small icon in your system tray (see the screenshot to the right), which indicates pageant is started. Click on the icon and in pageant window click “Add Keys”. Add the private key that was generated by puttygen in the previous step. The private key has extension .ppk, that is the easiest way to distinguish it from the public key you have created.
After you add the SSH key, you should see it in pageant key list.
Checking your connection
Once you have finished setting up PuTTY, all you need to do is check if the connection to your remote hosted Git repository works if you installed Git.
If you still haven’t installed Git download the msysGit executable, double click on it and the installation wizard should start. Leave the default directory options. When you get to the “Adjusting your Path environment” setting, select the “Use Git Bash only” option. Choosing this option will help you avoid path conflicts.
After you have installed Git run Git Bash and go to the directory where you have installed PuTTY and try to access your repository by typing this:
If you are not authenticated correctly, a message like the following screenshot will pop up:
If you are authenticated correctly, a new window will pop up with message like this:
Pop up window will close shortly after authentication is finished, which means authentication was successful and you should be able to manage your Git repositories from now on.
Setting up Git profile
After you have authenticated correctly by installing Git and setting up SSH keys, before you start using your Git repositories, you should setup your Git profile by typing following after you run Git bash in command line:
In case you are using Beanstalk for version control, it would be best if your first name, last name and email address match to the ones you use in your account to avoid any conflicts.
Summary
In order to be able to use your repository you need to:
While setting up Git the most common mistakes include mismatched private and public SSH keys or the user doesn’t have permission to access the repository. If you run into any issues connecting to Beanstalk, don't hesitate to contact us using the links below.
Now what?
Now that you have Git properly installed and configured, you can use a client of your choice. Whether you choose a terminal or a GUI, it is a good idea to learn the basic concepts and commands for versioning your files before. Here’s some recommended reading to get you started:
Generate Ssh Key Git Bash-->Azure Repos | Azure DevOps Server 2019 | TFS 2018 | TFS 2017 | TFS 2015 Update 3
Connect to your Git repos through SSH on macOS, Linux, or Windows to securely connect using HTTPS authentication. On Windows, we recommended the use of Git Credential Managers or Personal Access Tokens.
Important
SSH URLs have changed, but old SSH URLs will continue to work. If you have already set up SSH, you should update your remote URLs to the new format:
Note
As of Visual Studio 2017, SSH can be used to connect to Git repos.
How SSH key authentication works
SSH public key authentication works with an asymmetric pair of generated encryption keys. The public key is shared with Azure DevOps and used to verify the initial ssh connection. The private key is kept safe and secure on your system.
Set up SSH key authentication
The following steps cover configuration of SSH key authentication on the following platforms:
Configure SSH using the command line.
bash is the common shell on Linux and macOS and the Git for Windows installation adds a shortcut to Git Bash in the Start menu.Other shell environments will work, but are not covered in this article.
Step 1: Create your SSH keys
Note
If you have already created SSH keys on your system, skip this step and go to configuring SSH keys.
The commands here will let you create new default SSH keys, overwriting existing default keys. Before continuing, check your
~/.ssh folder (for example, /home/jamal/.ssh or C:Usersjamal.ssh) and look for the following files:
If these files exist, then you have already created SSH keys. You can overwrite the keys with the following commands, or skip this step and go to configuring SSH keys to reuse these keys.
Create your SSH keys with the
ssh-keygen command from the bash prompt. This command will create a 2048-bit RSA key for use with SSH. You can give a passphrasefor your private key when prompted—this passphrase provides another layer of security for your private key.If you give a passphrase, be sure to configure the SSH agent to cache your passphrase so you don't have to enter it every time you connect.
This command produces the two keys needed for SSH authentication: your private key ( id_rsa ) and the public key ( id_rsa.pub ). It is important to never share the contents of your private key. If the private key iscompromised, attackers can use it to trick servers into thinking the connection is coming from you.
Step 2: Add the public key to Azure DevOps Services/TFS
Associate the public key generated in the previous step with your user ID.
Step 3: Clone the Git repository with SSH
Note
To connect with SSH from an existing cloned repo, see updating your remotes to SSH.
Github Generate Ssh Key Windows 7
SSH may display the server's SSH fingerprint and ask you to verify it.
For cloud-hosted Azure DevOps Services, where clone URLs contain either
ssh.dev.azure.com or vs-ssh.visualstudio.com , the fingerprint should match one of the following formats:
For self-hosted instances of Azure DevOps Server, you should verify that the displayed fingerprint matches one of the fingerprints in the SSH public keys page.
SSH displays this fingerprint when it connects to an unknown host to protect you from man-in-the-middle attacks.Once you accept the host's fingerprint, SSH will not prompt you again unless the fingerprint changes.
When you are asked if you want to continue connecting, type
yes . Git will clone the repo and set up the origin remote to connect with SSH for future Git commands.
Tip
Avoid trouble: Windows users will need to run a command to have Git reuse their SSH key passphrase.
Questions and troubleshootingQ: After running git clone, I get the following error. What should I do?
Host key verification failed.fatal: Could not read from remote repository.
A: Manually record the SSH key by running:
ssh-keyscan -t rsa domain.com >> ~/.ssh/known_hosts
Q: How can I have Git remember the passphrase for my key on Windows?
A: Run the following command included in Git for Windows to start up the
ssh-agent process in Powershell or the Windows Command Prompt. ssh-agent will cacheyour passphrase so you don't have to provide it every time you connect to your repo.
If you're using the Bash shell (including Git Bash), start ssh-agent with:
Q: I use PuTTY as my SSH client and generated my keys with PuTTYgen. Can I use these keys with Azure DevOps Services?
A: Yes. Load the private key with PuTTYgen, go to Conversions menu and select Export OpenSSH key.Save the private key file and then follow the steps to set up non-default keys.Copy your public key directly from the PuTTYgen window and paste into the Key Data field in your security settings.
Q: How can I verify that the public key I uploaded is the same key as I have locally?
A: You can verify the fingerprint of the public key uploaded with the one displayed in your profile through the following
ssh-keygen command run against your public key usingthe bash command line. You will need to change the path and the public key filename if you are not using the defaults.
You can then compare the MD5 signature to the one in your profile. This check is useful if you have connection problems or have concerns about incorrectlypasting in the public key into the Key Data field when adding the key to Azure DevOps Services.
Q: How can I start using SSH in a repository where I am currently using HTTPS?
A: You'll need to update the
origin remote in Git to change over from a HTTPS to SSH URL. Once you have the SSH clone URL, run the following command:
You can now run any Git command that connects to
origin .
Q: I'm using Git LFS with Azure DevOps Services and I get errors when pulling files tracked by Git LFS.
A: Azure DevOps Services currently doesn't support LFS over SSH. Use HTTPS to connect to repos with Git LFS tracked files.
Q: How can I use a non default key location, i.e. not ~/.ssh/id_rsa and ~/.ssh/id_rsa.pub?Github Generate Ssh Key Windows Cmd
A: To use keys created with
ssh-keygen in a different place than the default, you do two things:
Github Generate Ssh Key Windows
On Windows, before running
ssh-add , you will need to run the following command from included in Git for Windows:
This command runs in both Powershell and the Command Prompt. If you are using Git Bash, the command you need to use is:
You can find
ssh-add as part of the Git for Windows distribution and also run it in any shell environment on Windows.
Github Generate Ssh Key Windows Command Line
On macOS and Linux you also must have
ssh-agent running before running ssh-add , but the command environment on these platforms usuallytakes care of starting ssh-agent for you.
Windows Generate Ssh Key For GithubQ: I have multiple SSH keys. How do I use different SSH keys for different SSH servers or repos?
A: Generally, if you configure multiple keys for an SSH client and connect to an SSH server, the client can try the keys one at a time until the server accepts one.
However, this doesn't work with Azure DevOps for technical reasons related to the SSH protocol and how our Git SSH URLs are structured. Azure DevOps will blindly accept the first key that the client provides during authentication. If that key is invalid for the requested repo, the request will fail with the following error:
For Azure DevOps, you'll need to configure SSH to explicitly use a specific key file. One way to do this to edit your
~/.ssh/config file (for example, /home/jamal/.ssh or C:Usersjamal.ssh ) as follows:
Q: What notifications may I receive about my SSH keys?Generate Ssh Key Windows For Github
A: Whenever you register a new SSH Key with Azure DevOps Services, you will receive an email notification informing you that a new SSH key has been added to your account.
Q: What do I do if I believe that someone other than me is adding SSH keys on my account?
A: If you receive a notification of an SSH key being registered and you did not manually upload it to the service, your credentials may have been compromised.
The next step would be to investigate whether or not your password has been compromised. Changing your password is always a good first step to defend against this attack vector. If you’re an Azure Active Directory user, talk with your administrator to check if your account was used from an unknown source/location.
Comments are closed.
|
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |