blob: d7d9120f8528266b0686e0b1bf58217bd2cca43b [file] [log] [blame]
Joey Armstrong56334fc2023-01-15 22:53:19 -05001Gerrit SSH Access
2#################
3
4- `Gerrit Login <https://gerrit.opencord.org/login/%2Fq%2Fstatus%3Aopen%2B-is%3Awip>`_
5
6Generate an :ref:`SSH Key <gerrit-user-account>` for access
7============================================================
8
9.. sourcecode:: shell
10
11 $ ssh-keygen -t ed25519 -f id_gerrit -C 'tux@opennetworking.org'
12
13- Login and configure gerrit
14
15- Verify your ssh connection (manual/explicit args)
16 - ssh -T -p 29419 -i ~/.ssh/id_gerrit tux@gerrit.opencord.org
17 - -T # disable pseudo terminal access, simple verify
18 - -p(port)
19 - -i(dentity) # ssh key
20 - Expect to see::
21 \*\*\*\* Welcome to Gerrit Code Review \*\*\*\*
22
23 Hi tux, you have successfully connected over SSH.
24
25 Unfortunately, interactive shells are disabled.
26
27
28Load your ssh key(s) to prompt for a passprase once
29===================================================
30
31.. sourcecode:: shell
32
33 # ssh-add will prompt for the passphrase for your key.
34 # This is a one-time operation per login session.
35 $ ssh-add ~/.ssh/id_gerrit
36 $ ssh-add -l
37
38Create ~/.ssh/config to simplify your connections
39=================================================
40.. sourcecode:: shell
41
42 FILE: ~/.ssh/config
43 # IdentitiesOnly yes only use identity provided, no fallback
44
45 Host github.com
46 IdentityFile ~/.ssh/github.com/id_ed25519
47 IdentitiesOnly yes
48 # (default) Port 22
49 User tux
50
51 Host gerrit.opencord.org
52 Hostname gerrit.opencord.org
53 IdentityFile ~/.ssh/gerrit.opencord.org/id_ed25519
54 IdentitiesOnly yes
55 Port 29418
56 User tux@opennetworking.org
57
58With ~/.ssh/config setup simply connect to the target machine:
59==============================================================
60 - ssh gerrit.opencord.org
61
62
63Secure permissions on ~/.ssh
64============================
65
66.. sourcecode:: shell
67
68 $ chown -R {my_login}:{my_login} ~/.ssh
69 $ chmod -R ~/.ssh u+rwx,og-rwx
70 $ find ~/.ssh -type d -print0 | xargs -0 chmod u=rwx
71 $ find ~/.ssh -type f -print0 | xargs -0 chmod u=r
72 $ find ~/.ssh -name '*.pub' -type f -print0 | xargs -0 chmod u=rw
73 $ chmod u=rw ~/.ssh/config ~/.ssh/known_hosts* ~/.ssh/authorized_keys
74
75Debugging connection problems
76===============================
77 - ssh [-v | -vv | -vvv ] to enable connection debugging.
78 - For conneciton problems be explicit when specifying arguments:
79 - ssh -p(ort) -i(dentity) {user}@{host}
80 - Use ssh-add -D to clear your keyring and force passphrase prompting.