Lazy Diary @ Hatena Blog

PowerShell / Java / miscellaneous things about software development, Tips & Gochas. CC BY-SA 4.0/Apache License 2.0

Push source to GitHub/GitLab repository without type password

GitLab GitHub Git

Background

The passphrase stored in ssh-agent is invalidated when the git client machine is rebooted.

If you want to access GitHub/GitLab without type password (e.g. push/pull source in Jenkins), you have to use a ssh public/public key pair without passphrase, rather than ssh-agent.

Process

1. Make a key pair for GitHub/GitLab

Make a new key pair with ssh-keygen. You can use ssh-keygen -t ecdsa, or ssh-keygen -t ed25519 for more security. In GitLab, ssh-keygen -t ed25519 is acceptable on GitLab 10.3 or later.

$ ssh-keygen -t rsa

For convenience, make a new public/public key pair (~/.ssh/id_rsa_nopassphrase) without passphrase.

Generating public/private rsa key pair.
Enter file in which to save the key (/home/yourname/.ssh/id_rsa): /home/yourname/.ssh/id_rsa_nopassphrase

For passphrase prompt, just type enter twice (no passphrase).

Enter passphrase (empty for no passphrase): 
Enter same passphrase again:

ssh-keygen will make a new key pair.

Your identification has been saved in /home/yourname/.ssh/id_rsa_nopassphrase.
Your public key has been saved in /home/yourname/.ssh/id_rsa_nopassphrase.pub.
The key fingerprint is:
SHA256:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX yourname@Hostname

The key's randomart image is:
+---[RSA 2048]----+
|                 |
|                 |
|                 |
|                 |
|                 |
|                 |
|                 |
|                 |
|                 |
+----[SHA256]-----+

2. Set the new public key to GitHub/GitLab

Open the new public key (~/.ssh/id_rsa_nopassphrase.pub) and copy&paste the content.

  • If you use GitLab, Open 'SSH Keys' tab in 'Profile Settings', and paste the key in the 'Key' section.
  • If you use GitHub, Open 'SSH and GPG keys' tab in 'Settings', push 'New SSH key', and paste the key in the 'Key' section.

3. Make git to use the new private key

Make ~/.ssh/config file if it isn't exist. add the content below to the ~/.ssh/config. This setting makes git to use the new private key for ssh connection.

Host github.com
    HostName github.com
    User git
    IdentityFile ~/.ssh/id_rsa_nopassphrase
    Port 22

4. Test the connection to GitHub/GitLab

$ ssh -T git@github.com
Hi yourname! You've successfully authenticated, but GitHub does not provide shell access.

If any error occurred, try ssh -Tv git@github.com, and see the messages.

5. Try git command

Note that use the username git (not your account name in GitHub/GitLab) in comnand.

$ git clone --depth 1 git@github.com:yourname/repository.git
$ cd repository/
$ git push
Everything up-to-date