1 #+TITLE: Creating a SSH-key for a new user
3 #+EMAIL: mdl AT imapmail DOT org
4 #+STARTUP: align fold nodlcheck hidestars oddeven lognotestate
5 #+SEQ_TODO: TODO(t) INPROGRESS(i) WAITING(w@) | DONE(d) CANCELED(c@)
6 #+TAGS: Write(w) Update(u) Fix(f) Check(c)
10 #+OPTIONS: H:3 num:nil toc:t \n:nil @:t ::t |:t ^:nil -:t f:t *:t TeX:t LaTeX:t skip:nil d:(HIDE) tags:not-in-toc
12 [[file:index.org][{Back to Worg's index}]]
14 To push commits to the Worg repository at http://orgmode.org/w/worg.git you
15 need to have a SSH key. What's that and how can you create one?
17 * Public and private keys
22 A /public key/ is like a door lock, and a /private key/ is like the
23 key. =Repo.or.cz= is asking you for the /public key/, that means, they
24 ask you to provide a lock, and they will install your lock in their
25 server. Then, with your /private key/ you will be able to open a
26 connection to the server.
28 Your /private key/ may be easy to use: just /have it/, and you can use
31 But suppose you lose it; then it's not secure anymore; any person which
32 has the key (which is a file) can connect to the server supplanting your
35 Therefore, at the computer we do that the /private key/ has a /password/
36 (also called "passphrase"). Then, you do not only need to possess the
37 key to open the lock; you also need to know how to use it (that means,
38 you must have the /public key/ *and* know the password).
40 So: *use a passphrase* for more security.
42 * Steps to create your private and public keys
46 1. Run =ssh-keygen= with no parameters. If you want to change the
47 encryption algorithm used, see [[*RSA or DSA][the section below]].
49 2. /Location of the key/: just press enter
51 3. /Passphrase of the key/: enter your new password; the one you will
52 type each time to be able to connect. You can have no password at
53 all, but it's not recommended; read the description at the
54 introduction to know why.
56 4. Now you have 2 new files:
58 - =id_rsa=: that's your new private key. Don't share it!
60 - =id_rsa.pub=: that's your new /public key/. You can distribute it.
62 - You will also see a /fingerprint/ (like =31:c0:5a:92:70:5e:91=... etc).
64 5. Look at the public key. If you don't like the user name which appears
65 at the end, re-run =ssh-keygen -C "comment that you want" =
72 You can decide if at the key creation you want to use the algorithm RSA or
75 If you know which one you like, you're lucky; use it!
77 If not, decide one; both will work.
79 By default, =ssh-keygen= uses RSA, but you can use =ssh-keygen -t dsa= to
82 * Appendice: How to use this key to create an account on =repo.or.cz=?
84 *Note*: this section was useful when worg.git was hosted on =repo.or.cz=
85 instead of =orgmode.org=, before december 2011. We leave it here, so that
86 it is useful for other project than Worg.
88 1. Copy and paste the /public/ key (the contents of =id_rsa.pub=) in the
89 text box in http://repo.or.cz/reguser.cgi
91 2. In "/login/", write the user name you want to have in this server
93 3. Write also your e-mail
95 4. Click the button "/Register/"
97 5. Now you must ask the administrator to give you "push"-access: to
98 allow you to upload contents to the project.
100 6. If you chose a user name for =repo.or.cz= that is different than your
101 login name, you might adjust the ssh client to use the user name for
102 =repo.or.cz= name when connecting.
104 This can be done by putting two lines like these in the file
109 User <user at repo.or.cz>
112 # ----------------------------
114 # Started at 11.12.2007 by Daniel Clemente. This text is in the public domain.