Is there any way to set different SSH keys to ruby-git gem configuration on the fly, so I can work with different private repos?
What I've done is working well, but it works with one SSH key only.
I have created /ruby_git.sh
in the root folder of my Rails app:
#!/bin/bash
exec /usr/bin/ssh -o StrictHostKeyChecking=no -i ./certs/private_key "$@"
I have created /certs/private_key
with my SSH key:
-----BEGIN OPENSSH PRIVATE KEY-----
...
-----END OPENSSH PRIVATE KEY-----
I have created /initializers/git_init.rb
:
Git.configure do |config|
config.git_ssh = Rails.root.join("ruby_git.sh").to_s
end
I have also tried another approach, to create custom sh scripts and SSH private key files for each repo in runtime and delete them after use. But this seems to alter Git
globally, so the next thread/session inherits the new Git
config:
# @repo_id, @ssh_url and @private_key are instance variables set
# based on the repo that we try to interact with
cert_path = Rails.root.join("git_config", "certs", @repo_id).to_s
config_path = Rails.root.join("git_config", "configs", "#{@repo_id}.sh").to_s
git_config = "#!\/bin\/bash\n\nexec \/usr\/bin\/ssh -o StrictHostKeyChecking=no -i #{cert_path} \"$@\""
File.open(config_path, "w") { |f|
f.write(git_config)
}
File.open(cert_path, "w") { |f|
f.write(@private_key)
}
File.chmod(0755, config_path)
File.chmod(0600, cert_path)
Git.init
Git.configure { |config|
config.git_ssh = config_path
}
Git.ls_remote(@ssh_url)
FileUtils.remove_entry(cert_path)
FileUtils.remove_entry(config_path)
I tried to work with ~/.ssh/config
. The following is working, but it does not mach my needs.
Host github.com
PreferredAuthentications publickey
IdentityFile /home/ubuntu/.ssh/repo_1_private_key
I'm working with multiple repos. SSH pair created for each of them. Public part used as a deploy key. No users.
I need to measure one repo/key pair from another and do not let ssh have access to other keys or iterate through them.
something like
Host github.com/organization_1/repo_1
PreferredAuthentications publickey
IdentityFile /home/ubuntu/.ssh/repo_1_private_key
Host github.com/organization_2/repo_2
PreferredAuthentications publickey
IdentityFile /home/ubuntu/.ssh/repo_2_private_key
is not working because github.com/organization/repo
doesn't mach with github.com
host and configuration is skipped when tried to git clone git@github.com:organization/repo.git
.
Have you tried placing the ssh config file and specify which host to connect?.
I have not dealt with ruby scripts. I have dealt with ssh enough to deal with such things. There is a ssh configuration file that helps me out in such usecases. It is the ~/.ssh/config
In your usecase, can you please try to have some setup like below line,
Host myfriendlyhostname1
HostName git.example.com
User user1
Port 1234
IdentityFile ~/.ssh/id_rsa1
Host myfriendlyhostname2
HostName git.example.com
User user2
Port 1234
IdentityFile ~/.ssh/id_rsa2
What this does is,
If you place the above inside your ~/.ssh/config
file, this maps the name of the config to pick the connection
In your case, I assume you have same host different credentials right?
If you ssh myfriendlyhostname1
, it will connect using the identity provided for user1
to git.example.com
.
If you ssh myfriendlyhostname2
, it will connect using the identity provided for user2
to git.example.com
.
When searched, I found this link that has more examples, https://linuxize.com/post/using-the-ssh-config-file/
What I have not tried is git clone
using myfriendlyhostname1
If you tried it let me know how that went.
You can say, however ruby sets up to say, git -c core.sshcommand='/usr/bin/ssh -F my.temp.config'
and set up your one-shot connection-setup params in that temp config.