Thursday 7 July 2011

Create your SSH key

You need a SSH public key in order to access your KDE SVN account

Generating the SSH keys

To be able to use your KDE SVN account with SSH, you need a SSH public key. Please notice that it is not a GPG (OpenPGP) key, which is completely unrelated!
The password in the sense of this documentation is the public key that you are creating.
For more information on how to create a pair o SSH keys, please refer to a SSH documentation or book.
In short, the command to create a pair of keys is ssh-keygen and it requires the type of key you will create, either DSA or RSA - both are fine.
To create a new pair of keys, use
ssh-keygen -t dsa
or
ssh-keygen -t rsa
There is also a type called RSA1 which was used in version 1 of the SSH protocol. See the ssh documentation for more details.
You can then accept the default filename for your key (either $HOME/.ssh/id_dsa or $HOME/.ssh/id_rsa, depending on the type of key you have chosen). After that, a passphrase is asked. It is recommended that you do not leave it blank.
Now that you are finished generating your key pair, you will have two files: a private key and a public key. If you have accepted the default filename, they will be respectively $HOME/.ssh/id_dsa and $HOME/.ssh/id_dsa.pub or $HOME/.ssh/id_rsa and $HOME/.ssh/id_rsa.pub, depending on the type of key you have specified.
The private key must remain secret, do not publish it to anyone under any circumstance.

The public key can be published and shall be sent when you are applying for a KDE SVN account.

You should also set up ssh-agent so you do not have to type the password every time you connect via SSH. There are several tutorials available explaining how to do this, for example this one. Keychain is a program that makes this task easier.
Note: if you already have an ssh key, you can just use the existing key instead of creating a new one.



If you want to use SVN with SSH with another user than the one who created the keys, you need to copy $HOME/.ssh/id_dsa.pub and $HOME/.ssh/id_dsa or $HOME/.ssh/id_rsa.pub and $HOME/.ssh/id_rsa to the other user's $HOME/.ssh directory.
You should probably also backup those files.

No comments:

Post a Comment