Generating an SSH Key Pair For GitLab

https://gitlab.com/help/ssh/README

1. ssh into virtual machine

$ vagrant ssh

2. From the command line:

$ ssh-keygen -t rsa -C "GitLab" -b 4096

Next, you will be prompted to input a file path to save your key pair to.

If you don't already have an SSH key pair use the suggested path by pressing enter. Using the suggested path will allow your SSH client to automatically use the key pair with no additional configuration.

If you already have a key pair with the suggested file path, you will need to input a new file path and declare what host this key pair will be used for in your .ssh/config file, see Working with non-default SSH key pair paths below for more information.

Once you have input a file path you will be prompted to input a password to secure your SSH key pair. It is a best practice to use a password for an SSH key pair, but it is not required and you can skip creating a password by pressing enter.

Note:
If you want to change the password of your key, you can use

ssh-keygen -p <keyname>

3. NOTE: When I installed this into Vagrant virtual machine and tried to run the code below, I received an error

To install xclip:
$ sudo apt-get install xclip

$ xclip -sel clip < ~/.ssh/id_rsa.pub

Alternatively, using WinSCP, navigate to ‘/home/vagrant/.ssh/id_rsa.pub' then open and copy the key.

3. add your public SSH key to GitLab.

(a) Navigate to the ‘SSH Keys' tab in you ‘Profile Settings'.

(b) Paste your key in the ‘Key' section and give it a relevant ‘Title' (Use an identifiable title like ‘Work Laptop – Windows 7' or ‘Home MacBook Pro 15').

If you manually copied your public SSH key make sure you copied the entire key starting with ssh-rsa and ending with your email.

Deploy keys

Deploy keys allow read-only access to multiple projects with a single SSH
key.

This is really useful for cloning repositories to your Continuous
Integration (CI) server. By using deploy keys, you don't have to setup a
dummy user account.

If you are a project master or owner, you can add a deploy key in the
project settings under the section 'Deploy Keys'. Press the 'New Deploy
Key' button and upload a public SSH key. After this, the machine that uses
the corresponding private key has read-only access to the project.

You can't add the same deploy key twice with the 'New Deploy Key' option.
If you want to add the same key to another project, please enable it in the list that says 'Deploy keys from projects available to you'. All the deploy keys of all the projects you have access to are available. This project access can happen through being a direct member of the project, or through a group.

Deploy keys can be shared between projects, you just need to add them to each project.

Working with non-default SSH key pair paths

If you used a non-default file path for your GitLab SSH key pair, you must configure your SSH client to find your GitLab SSH private key for connections to your GitLab server (perhaps gitlab.com).

For OpenSSH clients this is configured in the ~/.ssh/config file. Below are two example host configurations using their own key:

# GitLab.com server
Host gitlab.com
RSAAuthentication yes
IdentityFile ~/.ssh/config/private-key-filename-01

# Private GitLab server
Host gitlab.company.com
RSAAuthentication yes
IdentityFile ~/.ssh/config/private-key-filename

Due to the wide variety of SSH clients and their very large number of configuration options, further explanation of these topics is beyond the scope of this document.

Public SSH keys need to be unique, as they will bind to your account. Your SSH key is the only identifier you'll have when pushing code via SSH. That's why it needs to uniquely map to a single user.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.