Company logo
  • Empleos
  • Bootcamp
  • Acerca de nosotros
  • Para profesionales
    • Inicio
    • Empleos
    • Cursos y retos
    • Preguntas
    • Profesores
    • Bootcamp
  • Para empresas
    • Inicio
    • Nuestro proceso
    • Planes
    • Pruebas
    • Nómina
    • Blog
    • Comercial
    • Calculadora

0

98
Vistas
How to switch between SSH keys with the ruby-git gem?

Is there any way to set different SSH keys to ruby-git gem configuration on the fly, so I can work with different private repos?

What I've done is working well, but it works with one SSH key only.

I have created /ruby_git.sh in the root folder of my Rails app:

#!/bin/bash
exec /usr/bin/ssh -o StrictHostKeyChecking=no -i ./certs/private_key "$@"

I have created /certs/private_key with my SSH key:

-----BEGIN OPENSSH PRIVATE KEY-----
...
-----END OPENSSH PRIVATE KEY-----

I have created /initializers/git_init.rb:

Git.configure do |config|
  config.git_ssh = Rails.root.join("ruby_git.sh").to_s
end

I have also tried another approach, to create custom sh scripts and SSH private key files for each repo in runtime and delete them after use. But this seems to alter Git globally, so the next thread/session inherits the new Git config:

# @repo_id, @ssh_url and @private_key are instance variables set
# based on the repo that we try to interact with

cert_path   = Rails.root.join("git_config", "certs", @repo_id).to_s
config_path = Rails.root.join("git_config", "configs", "#{@repo_id}.sh").to_s
git_config  = "#!\/bin\/bash\n\nexec \/usr\/bin\/ssh -o StrictHostKeyChecking=no -i #{cert_path} \"$@\""

File.open(config_path, "w") { |f|
  f.write(git_config)
}

File.open(cert_path, "w") { |f|
  f.write(@private_key)
}

File.chmod(0755, config_path)
File.chmod(0600, cert_path)

Git.init

Git.configure { |config|
  config.git_ssh = config_path
}

Git.ls_remote(@ssh_url)

FileUtils.remove_entry(cert_path)
FileUtils.remove_entry(config_path)

I tried to work with ~/.ssh/config. The following is working, but it does not mach my needs.

Host github.com
  PreferredAuthentications publickey
  IdentityFile /home/ubuntu/.ssh/repo_1_private_key

I'm working with multiple repos. SSH pair created for each of them. Public part used as a deploy key. No users.

I need to measure one repo/key pair from another and do not let ssh have access to other keys or iterate through them.

something like

Host github.com/organization_1/repo_1
  PreferredAuthentications publickey
  IdentityFile /home/ubuntu/.ssh/repo_1_private_key

Host github.com/organization_2/repo_2
  PreferredAuthentications publickey
  IdentityFile /home/ubuntu/.ssh/repo_2_private_key

is not working because github.com/organization/repo doesn't mach with github.com host and configuration is skipped when tried to git clone git@github.com:organization/repo.git.

10 months ago · Santiago Trujillo
2 Respuestas
Responde la pregunta

0

Have you tried placing the ssh config file and specify which host to connect?.

I have not dealt with ruby scripts. I have dealt with ssh enough to deal with such things. There is a ssh configuration file that helps me out in such usecases. It is the ~/.ssh/config

In your usecase, can you please try to have some setup like below line,

Host myfriendlyhostname1
     HostName git.example.com
     User user1
     Port 1234
     IdentityFile ~/.ssh/id_rsa1

Host myfriendlyhostname2
     HostName git.example.com
     User user2
     Port 1234
     IdentityFile ~/.ssh/id_rsa2

What this does is, If you place the above inside your ~/.ssh/config file, this maps the name of the config to pick the connection

In your case, I assume you have same host different credentials right?

If you ssh myfriendlyhostname1, it will connect using the identity provided for user1 to git.example.com.

If you ssh myfriendlyhostname2, it will connect using the identity provided for user2 to git.example.com.

When searched, I found this link that has more examples, https://linuxize.com/post/using-the-ssh-config-file/

What I have not tried is git clone using myfriendlyhostname1 If you tried it let me know how that went.

10 months ago · Santiago Trujillo Denunciar

0

You can say, however ruby sets up to say, git -c core.sshcommand='/usr/bin/ssh -F my.temp.config' and set up your one-shot connection-setup params in that temp config.

10 months ago · Santiago Trujillo Denunciar
Responde la pregunta
Encuentra empleos remotos