Git 学习笔记 -- Set up SSH for Git

Step 1. Read a quick overview of SSH concepts

To use SSH with Bitbucket, you create an SSH identity. An identity consists of a private and a public key which together are a key pair. The private key resides on your local computer and the public you upload to your Bitbucket account. Once you upload a public key to your account, you can use SSH to connect with repositories you own and repositories owned by others, provided those other owners give your account permissions. By setting up SSH between your local system and the Bitbucket server, your system uses the key pair to automate authentication; you won't need to enter your password each time you interact with your Bitbucket repository.

There are a few important concepts you need when working with SSH identities and Bitbucket

• You cannot reuse an identity's public key across accounts. If you have multiple Bitbucket accounts, you must create multiple identities and upload their corresponding public keys to each individual account. 

• You can associate multiple identities with a Bitbucket account. You would create multiple identities for the same account if, for example, you access a repository from a work computer and a home computer. You might create multiple identities if you wanted to execute DVCS actions on a repository with a script – the script would use a public key with an empty passphrase allowing it to run without human intervention.

• RSA (R. Rivest, A. Shamir, L. Adleman are the originators) and digital signature algorithm (DSA) are key encryption algorithms. Bitbucket supports both types of algorithms. You should create identities using whichever encryption method is most comfortable and available to you.

Step 2. Check if you have existing default Identity

The Git Bash shell comes with an SSH client. Do the following to verify your installation:

1. Double-click the Git Bash icon to start a terminal session.

2. Enter the following command to verify the SSH client is available:

   manthony@MANTHONY-PC ~
   $ ssh -v
   OpenSSH_4.6p1, OpenSSL 0.9.8e 23 Feb 2007
   usage: ssh [-1246AaCfgkMNnqsTtVvXxY] [-b bind_address] [-c cipher_spec]
   [-D [bind_address:]port] [-e escape_char] [-F configfile]
   [-i identity_file] [-L [bind_address:]port:host:hostport]
   [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]
   [-R [bind_address:]port:host:hostport] [-S ctl_path]
   [-w local_tun[:remote_tun]] [user@]hostname [command]

3. If you have ssh installed, go to the next step.
   If you don't have ssh installed, install it now with your package manager.

4. List the contents of your ~/.ssh directory.
   If you have not used SSH on Bash you might see something like this:

   manthony@MANTHONY-PC ~
   $ ls -a ~/.ssh
   ls: /c/Users/manthony/.ssh: No such file or directory

   If you have a default identity already, you'll see two id_* files:

   manthony@MANTHONY-PC ~
   $ ls -a ~/.ssh
   .    ..    id_rsa    id_rsa.pub  known_hosts

   In this case, the default identity used RSA encryption (id_rsa.pub). If you want to use an existing default identity for your Bitbucket account, skip the next section and go to create a config file.

Step 3. Set up your default identity

By default, the system adds keys for all identities to the /Users/yourname/.ssh directory. The following procedure creates a default identity.

1. Open a terminal in your local system.

2. Enter ssh-keygen at the command line. 
   The command prompts you for a file to save the key in:

   manthony@PHOENIX ~
   $ ssh-keygen
   Generating public/private rsa key pair.
   Enter file in which to save the key (/c/Documents and Settings/manthony/.ssh/id_
   rsa):

3. Press enter to accept the default key and path, /c/Documents and Settings/manthony/.ssh/id_rsa, or you can create a key with another name. 
   To create a key with a name other than the default, specify the full path to the key. For example, to create a key called my-new-ssh-key, you would enter a path like this at the prompt:

   manthony@PHOENIX ~
   $ ssh-keygen
   Generating public/private rsa key pair.
   Enter file in which to save the key (/c/Documents and Settings/manthony/.ssh/id_
   rsa): /c/Documents and Settings/manthony/My Documents/keys/my-new-ssh-key

4. Enter and renter a passphrase when prompted.
   Unless you need a key for a process such as script, you should always provide a passphrase. 
   The command creates your default identity with its public and private keys. The whole interaction looks similar to the following: 

   manthony@MANTHONY-PC ~
   $ ssh-keygen
   Generating public/private rsa key pair.
   Enter file in which to save the key (/c/Users/manthony/.ssh/id_rsa):
   Created directory '/c/Users/manthony/.ssh'.
   Enter passphrase (empty for no passphrase):
   Enter same passphrase again:
   Your identification has been saved in /c/Users/manthony/.ssh/id_rsa.
   Your public key has been saved in /c/Users/manthony/.ssh/id_rsa.pub.
   The key fingerprint is:
   e7:94:d1:a3:02:ee:38:6e:a4:5e:26:a3:a9:f4:95:d4 manthony@MANTHONY-PC
   manthony@MANTHONY-PC ~
   $

5. List the contents of ~/.ssh to view the key files.
   You should see something like the following:

   $ ls ~/.ssh id_rsa  id_rsa.pub

   The command created two files, one for the public key ( for example id_rsa.pub ) and one for the private key (for example, id_rsa ).

More information can be found here:

https://confluence.atlassian.com/display/BITBUCKET/Set+up+SSH+for+Git