WowAce.com Knowledge base

Repositories / SSH Public Keys

Repository write access is handled by SSH tunnels that require the SSH public/private key system.

Generating your SSH key pair

On Windows, using the PuTTy suite is recommended. You can use PuTTyGen to generate your public and private key pair. Reading PuTTy documentation about key authentication is strongly recommended. The public key you will have to copy is displayed under "Public key for pasting into authorized_keys file" in PuTTyGen. The content of the public key file does not fit.

On *nix (including Mac OS X), you can just pop open a terminal and use ssh-keygen.

As an alternative, less secure, method we also will generate ssh keys for you. This is accessible at: /home/generate-keys/

Uploading your public key

When you have your ssh keys created, upload your public key to /home/repository-authorization/edit/ and you should be able to use that key to have write access to projects that you are a member of.

Be sure to copy the public key as one line without any space in the central part. Your public key should look like one of these depending on its type:

  • RSA key for SSH2 (recommended):
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAvnUSCZFxE6p72IeFjYpx4R8e0uyDGARigTwtCvDdRYzD1Nbk1NXOyz1wi5WP/hEk80Qf8HoQ45D6xkyMr/FNL9yiWtlFptForphSnkZZo9L4/gk5rx9+Gg8P/u/sdx2AaKcugxn2g9s0eYotHOjl9OCIeC6rLePbxEJtQeQzsx0= optional comment
  • DSA key for SSH2:
ssh-dss AAAAB3NzaC1kc3MAAACBAPNQ4gdGh0m1FZ731L4lLBOx4YEoUtymX212sp0/CbAJ30CAH4NPvCMSHbQdlO9y9vwcQimQE1fBVthAnaKrWNyjl9zIsvPqCC58Bn2w0OE0by23pjnF3egdDjKbamhBKZyjhfq6JekV2s8qFmn8Lr07Wrr7nVtgH50LEqoxQl2hAAAAFQDHjbBvHJEbn45Pns/8VKx4ubhFqwAAAIAtZzfls0+xGD2bcGs6A2oqtxdLQiXxNIndSwgcGOIMr2Dj3M7/L+YOGdMGTk0mBoHgnAtWFQMfHnp+5ka0NtIyPJhB4TvF1KC4GZ+TMLdeZCSODLt1BD6TiGPj30oFAVflS/CWmaPy9q6xwB+ONyACOEINCsgOlCRE52PwSQBGewAAAIAZDj8y+YClQ1N5eWMErHciqWd0WHZGfkKGrUs0EzNItNN/kqnOiuazTTOs3595lpz7MTguvMkaveQRGkxsTy3WqqruEAGv+9T/BZEE5yOBEdCkNUnLJ5xQyMwpWODD7RMhWRfjk8CQmug1Zu9w6HGOQvQeEGwls4ku7+fH7bTRAg==  optional comment

Starting a SSH agent and loading your private key

On Windows, launch Pageant (see its documentation) and load your private keys.

Most *nix distributions commonly ships a SSH agent loaded on graphical login. Just try ssh-add to load your private key. If it failed, you had to launch ssh-agent and tried ssh-add again.

This is required prior to any SSH access to the repository.

Testing the SSH connection

The server and username depend on the type of repository you are using:

  • Subversion: server svn.wowace.com, username svn,
  • Git: server git.wowace.com, username git,
  • Mercurial: server hg.wowace.com, username hg,

Those will be used in any subsequent SSH connection to the repository.

Follow these steps to test the connection:

  1. Try to connect to the server using either ssh (*nix) or PuTTy (Windows).
  2. On first connection, you should be asked to accept the server key or not. Accept it.
  3. If everything went well, you should get the following message:

Successfully connected, but no svn/git/hg command provided.

The SSH key are now set up correctly. You can then start to use your Subversion/Git/Mercurial client using SSH tunnels. You may still have errors accessing the repository but they should not be related to the SSH keys.

Troubleshooting

If anything goes wrong, please check that:

  • you uploaded your public key in the right format,
  • you have a SSH agent running with the corresponding private key loaded,
  • you are trying to connect to the server and the username corresponding to your repository type.

Common error messages:

  • SSH error: "no authentication method left": the authentication with the public key failed, either because you have not uploaded it correctly or you have not loaded it in your SSH agent,
  • SVN error: "Authorization failed": the SSH authentication succeded but you do not have the privilege to access the repository, it may be because the repository is private and you are not listed in the author list or because the project has been abandonned or deleted. Finally it sometimes happens when the authorization script bugged, you will have to contact an site administrator.

When asking help on the forums or IRC, please provide the answers to the following questions:

  • which OS are you running, including version ?
  • which SSH software are you using, including version ?
  • the repository URL are you trying to connect to ?
  • what error message did you get, if any ?

Additional information

  • on msysgit installation (a git distribution for Windows), select the option "use plink" and select where you installed plink.exe. This allows the use of your SSH key through pageant.
  • if you want to use Subversion CLI client on Windows, edit the variable "ssh" of your Subversion config file (somewhere in a Subversion directory of your %USERPROFILE%) to point to plink.exe, e.g. :
ssh = "C:\\Program Files\\PuTTY\\plink.exe"

You must login to post a comment. Don't have an account? Register to get one!

  • 6 comments
  • Avatar of Dunbaratu Dunbaratu Aug 06, 2013 at 03:02 UTC - 1 like

    @Dunbaratu: Go I found the problem. I need to use the -T command line argument for the ssh command.

    Can somebody please edit the page to make the instructions for "Testing the SSH Connection" mention the need for the "-T" argument for UNIX (and MacOS) users?

    The bit where the instructions say this:

       3. If everything went well, you should get the following message:
    
    Successfully connected, but no svn/git/hg command provided.
    

    Does not in fact happen if somebody simply types:

    ssh [email protected]

    If that's all they type, they'll get this message:

    PTY allocation request failed on channel 0
    

    Because the default behavior for unix SSH is to attempt to open up a shell with a TTY, and the git SSH server refuses to allow that, allowing only TTY-less connections. If you give the "-T" argument (the "T" must be uppercase) then that says to attempt to use a vanilla dumb pipe file handle for input/output instead of a TTY, and then the command works and you do see the message expected.

    Last edited Aug 06, 2013 by Dunbaratu

    BFAK:90794910,a201633422b3d00da3d7a4fc9716c620b9f00b377d98eff6d6c9769231968680

  • Avatar of Dunbaratu Dunbaratu Aug 05, 2013 at 22:59 UTC - 0 likes

    What does this error message from SSH mean when I tried the step where I test the ssh connection? (I'm trying to set it up for Git).

    Stevens-MacBook-Pro:~ madings$ ssh git@git.wowace.com
    PTY allocation request failed on channel 0
    

    This is Mac OSX 10.7, command-line ssh, after having uploaded both my id-rsa.pub and id-dsa.pub keys to the curseforge site as mentioned in "Uploading Your Public Key".

    I mean, I know that PTY is the UNIX term for the device file handle on which you can read/write to a fake terminal's stdin/stdout. But what I mean is - what do I have to do to fix this? CAN I do anything to fix this? Is it a problem on the server end (too many users doing stuff so it doesn't have any more available PTY names to use?) in which case I can't do a thing about it at all, Do I assume it worked and move on to the next step?

  • Avatar of jflory7 jflory7 Jul 10, 2013 at 15:30 UTC - 0 likes

    This page was easy to follow for anyone on a Mac / Linux. I am on OS X and had the keys uploaded easily.

    For anyone on Windows, the whole "uploading the private key" part is extremely confusing and could use a little more info added to it, like where to download Pageant and how to use it in terms of adding the private keys for BukkitDev. Maybe this is common knowledge or something, but it makes it hard for me to try to help a friend who has Windows to upload his private key properly, as I honestly can't figure it out by only reading.

    Owner of CrystalCraftMC


    Looking for me? You can find me on my IRC channel, #jflory7
    hosted on irc.spi.gt:6667! You can also click here to join instantly!


    My Plugins:

  • Avatar of Zerotorescue Zerotorescue Nov 30, 2011 at 22:58 UTC - 0 likes

    For Windows TortoiseHg users:

    If PuTTY is connecting properly ("Successfully connected, but no hg command provided"), but pushing still returns "no authentication method left", try using the Pageant.exe file found under C:\Program Files\TortoiseHg.

    http://stackoverflow.com/questions/2951011/how-to-let-tortoisehg-mercurial-on-windows-use-the-private-key-file-generated

  • Avatar of Burnum Burnum Oct 05, 2008 at 02:25 UTC - 0 likes

    can we get an example of how this works?

  • Avatar of tsigo tsigo Jul 23, 2008 at 00:28 UTC - 0 likes

    This says "upload your private key to ...", but that page asks for the public key.

  • 6 comments