SSH login with Github multi-bin backup
Executive summary Private Key Login
schematically Generate private keys Distribution of public keys SSH authentication for Github Submit code via SSH authentication Multi-warehouse multi-account backup code reference material
Private Key Login
There are two main ways to get daily SSH certification:
An account password.
The other one is.
note
In fact, it is not, but when the operation to give us the opening permission always ask us to provide, we are mistaken for. In fact, authentication is used, with a signature (signature, check is used).
Most large companies SSH login by logging into the springboard machine and then shuttling to other hosts.
Automatic reading of private keys
When we type:, the file (which this file is) is automatically read to verify the identity with this.
schematically
There are three steps as shown, and the subsequent text wants to talk about them in detail.
reminders: The above diagram shows that the public key must be placed in the server file in step 2 beforehand if you want to ensure that step 3 can successfully log in to the server.
Generate private keys
In order to request a login server, Ops will usually ask us to provide our own. We need to generate, then put confidentiality, put to O&M. You may ask: Why doesn't Ops generate it for you? Then put it to you, and you put it in position, won't you? It is indeed possible. Only then it would lose its security significance. You've given yours to Ops, so when your account does something destructive, it doesn't prove that the operator is you.
To generate, just use the command.
$ ssh-keygen
Follow the prompts to enter the necessary information. Finally, the private key is generated to the id_rsa of .ssh/id_rsa
note
If you are worried about a file that you put directly on your local machine for fear that someone will see it, you can also add a password to it (that is, when you view it, you need to enter a password). Also usually the private key file is accessible (only by the owner of the file).
Distribution of public keys
Suppose there are two Linux hosts, named C and S, and now to Login from C to S above. How is it configured?
Private key file: The "private key" should be saved in C. The file name is.
Distribute the public key: You have to append C's to the S's file.
catid_rsa.pub >> ~/.ssh/authorized_keys
Note: It's C's, it's S's.
Update permissions: chmod 0600 in ~/.ssh of S *
SSH authentication for Github
Submit code via SSH authentication
There are usually two protocols for submitting code to GitHub: SSH and HTTPS. Where HTTPS requires us to enter or configure an account and password for authentication, the SSH method is all about authentication. To do this, you need to set the SSH Public Key on the settings page (copy the contents of ~/.ssh/id_rsa.pub that you just generated into the web form), as shown here.
Suppose an account called alice creates a hello-world project on GitHub, then its git address is
When the command is executed locally, the private key is read by default for signing so that the server side can verify it.
Multi-warehouse multi-account backup code
The previous section talked about reading files by default, so how do you specify to read other files? When do you need to read another private key file?
We know that git is decentralized and can back up to multiple remote repositories in addition to being able to work offline. For example, you can back up to foreign ones at the same time, or; then there are domestic ones or. We constructed an example.
A local copy of code that you want to back up to 3 remote repositories at the same time, where.
Resp#1 is the alice account for github.com
Resp#2 is still on github.com, but the account has been changed to bob
Resp#3 backup to domestic coding.net, also with alice account
Generate two key pairs locally, alice (including and) and bob (including and), and fill in the public keys to the three remote repositories.
In the local Local repository, edit the file to add the node content.
Once configured, and looking at the remote repository, there are 3 more.
Key issues Here we go, how does the system select the corresponding private key file when it is executed?
Careful students will notice.
The URL address of Resp#1 is, for the host portion.
Whereas the URL address for Resp#2 is, the host portion is, however It's not a real hostname, the public network doesn't recognize it . Indeed, it is one!
Where is this configured? The answer is the SSH Config file, ie.
Here is a plug for knowledge of the syntax of SSH Config.
Hostgithub.comgithub-alice#host alias: can be the same as the real hostname, and can also have multiple aliases, separated by spaces.
HostNamegithub.com#realhostname: mandatory parameter, can be a domain name or IP.
Port22# port number: optional parameter, default value 22
Usergit#username: username used for authentication, SSH method for github, username must be git, not alice or bob
PreferredAuthenticationspublickey# authentication method: optional parameter
IdentityFile~/.ssh/id_rsa_alice#private key file: default is ~/.ssh/id_rsa, if you use other, you must specify it here
Edit the file according to this knowledge of syntax, adding the following.
# Multi-warehouse multi-account backups
Host github.com github-alice
HostName github.com
User git
PreferredAuthentications publickey
IdentityFile ~/.ssh/id_rsa_alice
Host github-bob
HostName github.com
User git
PreferredAuthentications publickey
IdentityFile ~/.ssh/id_rsa_bob
Host git.coding.net coding-alice
HostName git.coding.net
Port 22
User git
PreferredAuthentications publickey
IdentityFile ~/.ssh/id_rsa_alice
Next, specify the Push command.
$ gitpush github-alice master
$ gitpush github-bob master
$ gitpush coding-alice master
As an example, the git client sees that the remote git repository address is selected inside.
github-bobgit@github-bob:bob/hello-world.git (fetch)
github-bobgit@github-bob:bob/hello-world.git (push)
Next, the hostname is extracted from it, and this hostname needs to be checked in the local alias table to find.
Host github-bob
HostName github.com
User git
PreferredAuthentications publickey
IdentityFile ~/.ssh/id_rsa_bob
It's real hostname is, account number is, and private key file is.
To conclude with a brief summary of backups.
Multi-warehouse backup requirements : In case of loss or acceleration, a piece of code wants to be put on both GitHub and domestic coding. Usually a person only needs to generate a pair of key pairs, at two different sites, filling in the same public key. Sometimes, however, there may be various reasons that force multiple key pairs.
Git Remote Supports Host Aliases : When setting the URL address for git remote, the hostname can be a non-real domain or IP, and can be an alias. This alias can be defined in SSH Config.
Assigning a private key to a host alias : Define the host alias in SSH Config and specify the real host domain or IP for it, along with the private key file.
reference material
Java SSH Toolkit (JSCH) In-depth
JSCH Demo Code
How to configure the private key login method?
Secure login: ssh-keygen,ssh-copy-id and authorized_keys
How to access mysql via SSH ?
Springboarder: Dynamic password required to log in to the springboarder
SSH Tunnel Tunnel
reversed tunnel
SSH forward/ reversed tunnel
SSH Tunnel
Multi-layer SSH tunnels
Configure multiple GitHub SSH keys
Github email account privacy conflicts with GitLog
Push multiple repositories at the same time with a single command
Recommended>>
1、BitcoinBlockchain Newbie Zone Survival Diary V1
2、Its impossible to get rich Its impossible to get rich in this life
3、CNNVD Latest Vulnerabilities
4、Im sure its the programming guy
5、BlockchainDigital Currency Terminology in English and Chinese