Generating an SSH Keypair

Introduction

Repository Hosting uses public key cryptography to authenticate all private access to Git and Mercurial repositories over SSH. In order to access a private repository, or commit to a public Git repository, you will need to generate an SSH keypair and provide Repository Hosting with the public half of the keypair.

NOTE: If you have multiple accounts at Repository Hosting, then you will need to generate a new keypair for every account.

Generating the Keypair

Mac OS

$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/username/.ssh/id_rsa): <use default or enter new location>
Enter passphrase (empty for no passphrase): <password>
Enter same passphrase again: <confirmation>
Your identification has been saved in /Users/username/.ssh/id_rsa.
Your public key has been saved in /Users/username/.ssh/id_rsa.pub.
The key fingerprint is:
ab:f9:23:a6:f0:db:ce:64:59:dd:98:b9:be:7c:57:6f username@hostname.local

$ cat ~/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAqkDkMnQwAer3irnip5U1HzJmfahJ06474mhb4Z4eobhXQ
I7qDu1pbt7H2SSSswa6HwX7Uicelh1u6PkQaSZJ/QOaUWSFkyM2hw+B3oOfqVVnst9vdZPpTLfyWuxqG2
YAnHyYEb2w58VSVbk4L89s3V21keMZI3+PD83+K2LvqsgxfO4UHds7SRk5kLCTQGHljr2POG8TQ3Xfec7
xvXy6jTB0gipM0/dUV0uxdGCEU5WNPSLIjhnHl6BF8Q84Dzc9FroGHNzhDG2POMco6HhKx2zgjm4K5rFu
jR1nV45unWc/RLE0Zeom+Znfw1s5jETAo6/NZKVLrNGP1LryWy8wyQ== username@hostname.local

$ cat ~/.ssh/id_rsa.pub | pbcopy # copy to clipboard

Linux

$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_rsa): <use default or enter new location>
Enter passphrase (empty for no passphrase): <password>
Enter same passphrase again: <confirmation>
Your identification has been saved in /home/username/.ssh/id_rsa.
Your public key has been saved in /home/username/.ssh/id_rsa.pub.
The key fingerprint is:
ab:f9:23:a6:f0:db:ce:64:59:dd:98:b9:be:7c:57:6f username@hostname

$ cat ~/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAqkDkMnQwAer3irnip5U1HzJmfahJ06474mhb4Z4eobhXQ
I7qDu1pbt7H2SSSswa6HwX7Uicelh1u6PkQaSZJ/QOaUWSFkyM2hw+B3oOfqVVnst9vdZPpTLfyWuxqG2
YAnHyYEb2w58VSVbk4L89s3V21keMZI3+PD83+K2LvqsgxfO4UHds7SRk5kLCTQGHljr2POG8TQ3Xfec7
xvXy6jTB0gipM0/dUV0uxdGCEU5WNPSLIjhnHl6BF8Q84Dzc9FroGHNzhDG2POMco6HhKx2zgjm4K5rFu
jR1nV45unWc/RLE0Zeom+Znfw1s5jETAo6/NZKVLrNGP1LryWy8wyQ== username@hostname.local

Windows

Historically, Git does not play very nicely with Windows. However, the situation is improving with time. If you are using Git for Windows, you can use the provided ssh-keygen tool to create a keypair. Alternatively, you can also use PuTTYgen to generate keypairs.

Check out our FAQ for more information on accessing repositories via SSH on Windows.

Public Key Association

The public portion of your key must be made available to Repository Hosting so that our servers will recognize your key as being associated with your account. Once logged into the web interface for your account, simply click on the "My Profile" link in the upper right hand corner, or on the Settings link next to a user on the Account Dashboard. Select the "Public Keys" tab and then paste the entire contents of the public key file (with the .pub extension) into the form for adding public keys.

Modifying ssh_config

SSH will need to know how to locate your keypair. If you used one of the default key names, such as ~/.ssh/id_rsa, then SSH will be able to find it automatically. If not, then you can specify your keypair in the ssh_config file. A sample config file is shown below. Alternatively, you may register your keypair with SSH by executing "ssh-add /path/to/my_key"

Because you need to use separate SSH keys for each of your Repository Hosting accounts, you need a way to switch between the keys on your client. The easiest way is to modify the ssh_config file (on Ubuntu, this is located here: /etc/ssh/ssh_config). Use the following sample setup as a guide:

#
# personal account
#
Host personal.repositoryhosting.com
Hostname personal.repositoryhosting.com
IdentitiesOnly yes
IdentityFile ~/.ssh/personal_key
#
# corporate account
#
Host corporate.repositoryhosting.com
Hostname corporate.repositoryhosting.com
IdentitiesOnly yes
IdentityFile ~/.ssh/corporate_key

To test your connection, you may use the following commands:

# see what keys are registered with SSH
ssh-add -l

# test connecting to the Repository Hosting servers
# a message that says "Welcome to Repository Hosting" means you were authenticated
ssh -v git@<account-subdomain>.repositoryhosting.com
ssh -v hg@<account-subdomain>.repositoryhosting.com