SSH login with Github multi-bin backup

Executive summary Private Key Login

schematically Generate private keys Distribution of public keys SSH authentication for Github Submit code via SSH authentication Multi-warehouse multi-account backup code reference material

Private Key Login

There are two main ways to get daily SSH certification:

An account password.

The other one is.


In fact, it is not, but when the operation to give us the opening permission always ask us to provide, we are mistaken for. In fact, authentication is used, with a signature (signature, check is used).

Most large companies SSH login by logging into the springboard machine and then shuttling to other hosts.

Automatic reading of private keys

When we type:, the file (which this file is) is automatically read to verify the identity with this.


There are three steps as shown, and the subsequent text wants to talk about them in detail.

reminders: The above diagram shows that the public key must be placed in the server file in step 2 beforehand if you want to ensure that step 3 can successfully log in to the server.

Generate private keys

In order to request a login server, Ops will usually ask us to provide our own. We need to generate, then put confidentiality, put to O&M. You may ask: Why doesn't Ops generate it for you? Then put it to you, and you put it in position, won't you? It is indeed possible. Only then it would lose its security significance. You've given yours to Ops, so when your account does something destructive, it doesn't prove that the operator is you.

To generate, just use the command.

$ ssh-keygen

Follow the prompts to enter the necessary information. Finally, the private key is generated to the id_rsa of .ssh/id_rsa


If you are worried about a file that you put directly on your local machine for fear that someone will see it, you can also add a password to it (that is, when you view it, you need to enter a password). Also usually the private key file is accessible (only by the owner of the file).

Distribution of public keys

Suppose there are two Linux hosts, named C and S, and now to Login from C to S above. How is it configured?

Private key file: The "private key" should be saved in C. The file name is.

Distribute the public key: You have to append C's to the S's file. >> ~/.ssh/authorized_keys

Note: It's C's, it's S's.

Update permissions: chmod 0600 in ~/.ssh of S *

SSH authentication for Github

Submit code via SSH authentication

There are usually two protocols for submitting code to GitHub: SSH and HTTPS. Where HTTPS requires us to enter or configure an account and password for authentication, the SSH method is all about authentication. To do this, you need to set the SSH Public Key on the settings page (copy the contents of ~/.ssh/ that you just generated into the web form), as shown here.

Suppose an account called alice creates a hello-world project on GitHub, then its git address is

When the command is executed locally, the private key is read by default for signing so that the server side can verify it.

Multi-warehouse multi-account backup code

The previous section talked about reading files by default, so how do you specify to read other files? When do you need to read another private key file?

We know that git is decentralized and can back up to multiple remote repositories in addition to being able to work offline. For example, you can back up to foreign ones at the same time, or; then there are domestic ones or. We constructed an example.

A local copy of code that you want to back up to 3 remote repositories at the same time, where.

Resp#1 is the alice account for

Resp#2 is still on, but the account has been changed to bob

Resp#3 backup to domestic, also with alice account

Generate two key pairs locally, alice (including and) and bob (including and), and fill in the public keys to the three remote repositories.

In the local Local repository, edit the file to add the node content.

Once configured, and looking at the remote repository, there are 3 more.

Key issues Here we go, how does the system select the corresponding private key file when it is executed?

Careful students will notice.

The URL address of Resp#1 is, for the host portion.

Whereas the URL address for Resp#2 is, the host portion is, however It's not a real hostname, the public network doesn't recognize it . Indeed, it is one!

Where is this configured? The answer is the SSH Config file, ie.

Here is a plug for knowledge of the syntax of SSH Config.

Hostgithub.comgithub-alice#host alias: can be the same as the real hostname, and can also have multiple aliases, separated by spaces. mandatory parameter, can be a domain name or IP.

Port22# port number: optional parameter, default value 22

Usergit#username: username used for authentication, SSH method for github, username must be git, not alice or bob

PreferredAuthenticationspublickey# authentication method: optional parameter

IdentityFile~/.ssh/id_rsa_alice#private key file: default is ~/.ssh/id_rsa, if you use other, you must specify it here

Edit the file according to this knowledge of syntax, adding the following.

# Multi-warehouse multi-account backups

Host github-alice


User git

PreferredAuthentications publickey

IdentityFile ~/.ssh/id_rsa_alice

Host github-bob


User git

PreferredAuthentications publickey

IdentityFile ~/.ssh/id_rsa_bob

Host coding-alice


Port 22

User git

PreferredAuthentications publickey

IdentityFile ~/.ssh/id_rsa_alice

Next, specify the Push command.

$ gitpush github-alice master

$ gitpush github-bob master

$ gitpush coding-alice master

As an example, the git client sees that the remote git repository address is selected inside.

github-bobgit@github-bob:bob/hello-world.git (fetch)

github-bobgit@github-bob:bob/hello-world.git (push)

Next, the hostname is extracted from it, and this hostname needs to be checked in the local alias table to find.

Host github-bob


User git

PreferredAuthentications publickey

IdentityFile ~/.ssh/id_rsa_bob

It's real hostname is, account number is, and private key file is.

To conclude with a brief summary of backups.

Multi-warehouse backup requirements : In case of loss or acceleration, a piece of code wants to be put on both GitHub and domestic coding. Usually a person only needs to generate a pair of key pairs, at two different sites, filling in the same public key. Sometimes, however, there may be various reasons that force multiple key pairs.

Git Remote Supports Host Aliases : When setting the URL address for git remote, the hostname can be a non-real domain or IP, and can be an alias. This alias can be defined in SSH Config.

Assigning a private key to a host alias : Define the host alias in SSH Config and specify the real host domain or IP for it, along with the private key file.

reference material

Java SSH Toolkit (JSCH) In-depth

JSCH Demo Code

How to configure the private key login method?

Secure login: ssh-keygen,ssh-copy-id and authorized_keys

How to access mysql via SSH ?

Springboarder: Dynamic password required to log in to the springboarder

SSH Tunnel Tunnel

reversed tunnel

SSH forward/ reversed tunnel

SSH Tunnel

Multi-layer SSH tunnels

Configure multiple GitHub SSH keys

Github email account privacy conflicts with GitLog

Push multiple repositories at the same time with a single command

1、BitcoinBlockchain Newbie Zone Survival Diary V1
2、Its impossible to get rich Its impossible to get rich in this life
3、CNNVD Latest Vulnerabilities
4、Im sure its the programming guy
5、BlockchainDigital Currency Terminology in English and Chinese

    已推荐到看一看 和朋友分享想法
    最多200字,当前共 发送