From 9194788f0b023a59c9246ae030b3a35b0d79f5c6 Mon Sep 17 00:00:00 2001 From: Vinod Ahuja Date: Thu, 29 Sep 2022 16:42:41 -0500 Subject: Fixing SSH key generation problem I installed Ubuntu 22.04 and RSA protocol for ssh key pair was not working and was constantly getting permission denined key pair mismatch issues. After following openstac documentation (https://docs.openstack.org/contributors/common/setup-gerrit.html) I was quickly able to fix SSH key setup issue. Open Stack recommended to use ed25519 keys protocol as it works well in all operating system. Following that recommendation and personally experience issues with RSA key generation I have updated the documentation to ed25519. Bug-AGL: [SPEC-4470] Signed-off-by: Vinod Ahuja Change-Id: I6209337e0056821ec9a0f28ea9aabb9d0933c53e Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/documentation/+/27932 Reviewed-by: Jan-Simon Moeller Tested-by: Jan-Simon Moeller --- .../1_Getting_Linux_Foundation_account.md | 32 ++++++++++------------ 1 file changed, 15 insertions(+), 17 deletions(-) (limited to 'docs') diff --git a/docs/6_How_To_Contribute/1_Getting_Linux_Foundation_account.md b/docs/6_How_To_Contribute/1_Getting_Linux_Foundation_account.md index c4d8b08..f2b2cb7 100644 --- a/docs/6_How_To_Contribute/1_Getting_Linux_Foundation_account.md +++ b/docs/6_How_To_Contribute/1_Getting_Linux_Foundation_account.md @@ -40,22 +40,23 @@ What follows explains how to generate an SSH key pair in a Linux environment --- follow the equivalent steps on your OS. First, create an SSH key pair with the command: +**Note:** This guide recommends using ed25519 keys because it has been found that this type works well across all operating systems. ```sh - $ ssh-keygen -t rsa -C "John Doe john.doe@example.com" + $ ssh-keygen -t ed25519 -C "your_name@example.com" ``` -**Note:** This will ask you for a password to protect the private key as +**Note:** When you’re prompted to “Enter a file in which to save the key” press Enter. This accepts the default location. Next, it will ask you for a password to protect the private key as it generates a unique key. Please keep this password private, and DO NOT enter a blank password. -The generated SSH key pair can be found in the files ``~/.ssh/id_rsa`` and -``~/.ssh/id_rsa.pub``. +The generated SSH key pair can be found in the files ``~/.ssh/id_ed25519`` and +``~/.ssh/id_ed25519.pub``. -Next, add the private key in the ``id_rsa`` file to your key ring, e.g.: +Next, add the private key in the ``id_ed25519`` file to your key ring, e.g.: ```sh - $ ssh-add ~/.ssh/id_rsa + $ ssh-add ~/.ssh/id_ed25519 ``` Finally, add the public key of the generated key pair to the Gerrit @@ -69,12 +70,10 @@ server, with the following steps: 4. On the left side menu, click on ``SSH Public Keys``. -5. Paste the contents of your public key ``~/.ssh/id_rsa.pub`` and click +5. Paste the contents of your public key ``~/.ssh/id_ed25519.pub`` and click ``Add key``. -**Note:** The ``id_rsa.pub`` file can be opened with any text editor. -Ensure that all the contents of the file are selected, copied and pasted -into the ``Add SSH key`` window in Gerrit. +**Note:** The ``id_ed25519.pub`` file can be opened with any text editor or you can run the command ``cat ~/.ssh/id_ed25519.pub`` in your terminal and copy output. Ensure that all the contents of the file are selected, copied and pasted into the ``Add SSH key`` window in Gerrit. **Note:** The SSH key generation instructions operate on the assumption that you are using the default naming. It is possible to generate @@ -82,19 +81,18 @@ multiple SSH keys and to name the resulting files differently. See the [ssh-keygen](https://en.wikipedia.org/wiki/Ssh-keygen) documentation for details on how to do that. Once you have generated non-default keys, you need to configure SSH to use the correct key for Gerrit. In that case, -you need to create a ``~/.ssh/config`` file modeled after the one below. +you need to create a ``~/.ssh/config`` file with command ``touch ~/.ssh/config`` and add details in config file. - ```sh +``` host gerrit.automotivelinux.org HostName gerrit.automotivelinux.org - IdentityFile ~/.ssh/id_rsa_automotivelinux_gerrit + IdentityFile ~/.ssh/id_ed25519 User + Port 29418 ``` -`` is your Linux Foundation ID and the value of IdentityFile is the +`` is your Linux Foundation ID(username) and the value of IdentityFile is the name of the public key file you generated. **Warning:** Potential Security Risk! Do not copy your private key -``~/.ssh/id_rsa``. Use only the public ``~/.ssh/id_rsa.pub``. - - +``~/.ssh/id_ed25519``. Use only the public ``~/.ssh/id_ed25519.pub``. -- cgit 1.2.3-korg