Posted by Laszlo Pinter February 15, 2017 February 15, 2017 Leave a comment on Add SSH key to a Jenkins Git step To access a Git repository Jenkins can use an SSH key. To add the SSH key to the Jenkins server use the following Chef script. Connecting a Repository via the API ¶. If you want to use self-generated SSH keys or prefer to use the Rasa X API, you can also the Rasa X HTTP API to connect Rasa X to your Git repository. To authenticate your Rasa X server with the remote repository, you need to set up an SSH key. Nov 22, 2016  GitLab and Jenkins Integration Learning Devops & Tools. GitLab and Jenkins Integration using SSH Keys Setting up SSH Keys to connect GitLab and Jenkins. Follow the below Steps: 1) Generate Public Key & Private Key(SSH Keys) of the user. Command: ssh-keygen -t rsa -C 'youremail@example.com'.

• Generate Ssh Key For Git
• Jenkins Generate Ssh Key For Git Server
• Jenkins Create Ssh Key For Git
• Generate Ssh Key Github
• Jenkins Generate Ssh Key
• Jenkins Generate Ssh Key For Github

The most successful product teams using Rasa apply software engineering best practices todeveloping their assistants, including:

• Versioning training data and action code in Git
• Reviewing changes before they go into production
• Running automated tests on proposed changes

Rasa X encourages best practices by integrating itself into your existingdevelopment workflows, letting you:

• Automate data synchronization with your Git repository
• Automatically stay up to date with the latest state of the remote repository onyour Git server
• Annotate new data and push those changes to Git

Set yourself up for success by connecting your Rasa X server with Git to monitor,version, and test your training data using GitHub, GitLab, Bitbucket, Travis CI,CircleCI, Jenkins, etc.

• Connect your Rasa X Server to a Git Repository

In order to connect Rasa X with your assistant’s Git repository, you will need three things:

• A Rasa X instance running in server mode (local mode does not support Integrated Version Control)
• A Git repository containing a project in the default Rasa Open Source projectlayout

Note

When you connect your remote Git repository to Rasa X it will overwrite the training data,which is currently stored in Rasa X. Please use a fresh Rasa X instance or exportyour training data if you want to keep the old training data.

For Rasa X to correctly visualize and modify your AI assistant’s data, your projectneeds to follow the default Rasa Open Source project layout created byrasa init:

If you have just installed Rasa Open Source for the first time, you can runrasainit in a new Git repository to achieve this structure. If you have anexisting assistant that you’reconnecting to Rasa X, make sure to add it to a Git repository andreorganize the project if it does not match the above layout.

1. To connect your Git repository click on the branch icon and clickConnect to a repository.

2. Configure the repository connection:
   • SSH URL: Rasa X will clone the repository using the given SSH URL. Cloning viaHTTP is currently not supported.

   • target branch: The target branch is the branch that Rasa X will

     • use to show the initial data
     • branch off from when you make new changes
     • return to after you discard or push changes

   • By default users can choose if they want to push their changes directly to thetarget branch or to a new branch. If want to disable pushing changes directly tothe target branch, select Require users to add changes to a new branch.

3. Add the provided public SSH key to your Git server. This allows Rasa X toauthenticate with the Git server using its private SSH key. Please see thedocumentation of your Git server how to do so. We have linked the instructionsfor some common providers inAdd the Public SSH Key to Your Git Server

   Note

   If you prefer to provide your own keys, please seeConnecting a Repository via the API.

4. Once you added the public SSH key to your Git server, hit the Verify Connectionbutton. Rasa X will now show that it is connected to your repository.

5. What to do next: Check out Using Integrated Version Control to understandhow to use Integrated Version Control as part of your process for improving your assistant.

You have to add the public key of the generated key pair to your Git server. Pleasemake sure to only give the key access to one specific repository instead of giving itglobal access to all of your Git repositories. For instructions specific to your Gitplatform, see below.

GitHub¶

Add the generated public SSH key as a Deploykey to your GitHub repository.See theGitHub docsfor more information on how to do so.

GitLab¶

Add the generated public SSH key as a Deploykey to your GitLab repository.See the GitLab docsfor more information on how to do so.

Bitbucket¶

Add the generated public SSH key as an Accesskey to your Bitbucket repository.See theBitbucket docsfor more information on how to do so.

If you want to use self-generated SSH keys or prefer to use the Rasa X API, you canalso the Rasa X HTTP API to connect Rasa X to your Git repository.

1. To authenticate your Rasa X server with the remote repository, you needto set up an SSH key that Rasa X can use for authentication.Please create a new, single-use SSH key for this (see instructions below).Also, make sure to restrict the SSH keys to only apply to your assistant’s repository.

   To generate a new SSH key pair follow these steps:

   1. Open the Terminal
   2. Execute the following command (make sure to not overwrite your own SSH keys):

   This provides you a private (git-deploy-key) and apublic (git-deploy-key.pub) key in your current directory.

   Note

   Please note that Rasa X currently does not support password protected privatekeys.

2. Save your repository information and private key to a file repository.json, in the format shownbelow. If your Rasa X server does not use HTTPS, we highly recommend doing this directlyon your server to avoid compromising the key. As the contents of this file willuploaded via a curl request, the directory where it is stored does not matter, butit is recommended to store the file somewhere secure.

   Note

   The target branch is the branch that Rasa X will

   • use to show the initial data
   • branch off from when you make new changes
   • return to after you discard or push changes

   If you want to disable adding changes directly to the target branch, pleasespecify is_target_branch_protected':true/false in the repository.jsonfile.

   For example, your repository.json might look like:

   Warning

   When connecting the Rasa X instance to a git repository, any training data or configuration filesstored in Rasa X will be overwritten by those in the Git repository. If you were using Rasa X tomanage your assistant before setting up Integrated Version Control, be sure to download the data beforecontinuing, so that the data is not lost. You can push the downloaded data from your machine to your Gitrepo before or after connecting it to Rasa X.

3. To authenticate with the Rasa X server you can use one of two methods:

   • API token authentication: Get your API token by going to the model screen inRasa X and copying the api_token token from the UploadModel command.Similar to the upload command, you add it with the api_token query parametershown in the curl command below.
   • JWT token authentication: Use your JWT access token. You can get it from theauthentication endpoint and pass itwithin the Authorization header.

   Once you have prepared your chosen form of authentication, create the repository by executing the followingHTTP request from the directory that contains your repository.json:

   Note

   If your Rasa X server runs on HTTPS, make sure to use https:// in the --url parameter.

Once you’re set up with Git and your assistant is automatically imported, you can Enable Workflows tobegin learning from real users. For more information about how data synchronization works, seeUsing Integrated Version Control.

Azure Repos Azure DevOps Server 2019 TFS 2018 TFS 2017 TFS 2015 Update 3

Connect to your Git repos through SSH on macOS, Linux, or Windows to securely connect using HTTPS authentication. On Windows, we recommended the use of Git Credential Managers or Personal Access Tokens.

Important

SSH URLs have changed, but old SSH URLs will continue to work. If you have already set up SSH, you should update your remote URLs to the new format:

• Verify which remotes are using SSH by running git remote -v in your Git client.
• Visit your repository on the web and select the Clone button in the upper right.
• Select SSH and copy the new SSH URL.
• In your Git client, run: git remote set-url <remote name, e.g. origin> <new SSH URL>. Alternatively, in Visual Studio, go to Repository Settings, and edit your remotes.

Note

As of Visual Studio 2017, SSH can be used to connect to Git repos.

How SSH key authentication works

SSH public key authentication works with an asymmetric pair of generated encryption keys. The public key is shared with Azure DevOps and used to verify the initial ssh connection. The private key is kept safe and secure on your system.

Set up SSH key authentication

The following steps cover configuration of SSH key authentication on the following platforms:

• Linux
• macOS running at least Leopard (10.5)
• Windows systems running Git for Windows

Configure SSH using the command line. bash is the common shell on Linux and macOS and the Git for Windows installation adds a shortcut to Git Bash in the Start menu.Other shell environments will work, but are not covered in this article.

Step 1: Create your SSH keys

Note

If you have already created SSH keys on your system, skip this step and go to configuring SSH keys.

The commands here will let you create new default SSH keys, overwriting existing default keys. Before continuing, check your~/.ssh folder (for example, /home/jamal/.ssh or C:Usersjamal.ssh) and look for the following files:

• id_rsa
• id_rsa.pub

If these files exist, then you have already created SSH keys. You can overwrite the keys with the following commands, or skip this step and go to configuring SSH keys to reuse these keys.

Create your SSH keys with the ssh-keygen command from the bash prompt. This command will create a 2048-bit RSA key for use with SSH. You can give a passphrasefor your private key when prompted—this passphrase provides another layer of security for your private key.If you give a passphrase, be sure to configure the SSH agent to cache your passphrase so you don't have to enter it every time you connect.

This command produces the two keys needed for SSH authentication: your private key ( id_rsa ) and the public key ( id_rsa.pub ). It is important to never share the contents of your private key. If the private key iscompromised, attackers can use it to trick servers into thinking the connection is coming from you.

Step 2: Add the public key to Azure DevOps Services/TFS

Associate the public key generated in the previous step with your user ID.

1. Open your security settings by browsing to the web portal and selecting your avatar in the upper right of theuser interface. Select Security in the menu that appears.

2. Select SSH public keys, and then select + New Key.

3. Copy the contents of the public key (for example, id_rsa.pub) that you generated into the Public Key Data field.

   Important

   Avoid adding whitespace or new lines into the Key Data field, as they can cause Azure DevOps Services to use an invalid public key. When pasting in the key, a newline often is added at the end. Be sure to remove this newline if it occurs.

4. Give the key a useful description (this description will be displayed on the SSH public keys page for your profile) so that you can remember it later. Select Save to store the public key. Once saved, you cannot change the key. You can delete the key or create a new entry for another key. There are no restrictions on how many keys you can add to your user profile.

Step 3: Clone the Git repository with SSH

Note

To connect with SSH from an existing cloned repo, see updating your remotes to SSH.

1. Copy the SSH clone URL from the web portal. In this example, the SSL clone URL is for a repo in an organization named fabrikam-fiber, as indicated by the first part of the URL after dev.azure.com.

   Note

   Project URLs have changed with the release of Azure DevOps Services and now have the format dev.azure.com/{your organization}/{your project}, but you can still use the existing visualstudio.com format. For more information, see VSTS is now Azure DevOps Services.

2. Run git clone from the command prompt.

SSH may display the server's SSH fingerprint and ask you to verify it.

For cloud-hosted Azure DevOps Services, where clone URLs contain either ssh.dev.azure.com or vs-ssh.visualstudio.com, the fingerprint should match one of the following formats:

• MD5: 97:70:33:82:fd:29:3a:73:39:af:6a:07:ad:f8:80:49 (RSA)
• SHA256: SHA256:ohD8VZEXGWo6Ez8GSEJQ9WpafgLFsOfLOtGGQCQo6Og (RSA)These fingerprints are also listed in the SSH public keys page.

For self-hosted instances of Azure DevOps Server, you should verify that the displayed fingerprint matches one of the fingerprints in the SSH public keys page.

SSH displays this fingerprint when it connects to an unknown host to protect you from man-in-the-middle attacks.Once you accept the host's fingerprint, SSH will not prompt you again unless the fingerprint changes.

When you are asked if you want to continue connecting, type yes. Git will clone the repo and set up the origin remote to connect with SSH for future Git commands.

Tip

Generate Ssh Key For Git

Avoid trouble: Windows users will need to run a command to have Git reuse their SSH key passphrase.

Questions and troubleshooting

Q: After running git clone, I get the following error. What should I do?

Host key verification failed.fatal: Could not read from remote repository.

A: Manually record the SSH key by running:ssh-keyscan -t rsa domain.com >> ~/.ssh/known_hosts

Q: How can I have Git remember the passphrase for my key on Windows?

A: Run the following command included in Git for Windows to start up the ssh-agent process in Powershell or the Windows Command Prompt. ssh-agent will cacheyour passphrase so you don't have to provide it every time you connect to your repo.

If you're using the Bash shell (including Git Bash), start ssh-agent with:

Generate public key file from private key on windows. Next, extract the public key from the key pair and copy it to a separate file: sn -p keypair.snk public.snk Once you create the key pair, you must put the file where the strong name signing tools can find it. When signing an assembly with a strong name, the Assembly Linker (Al.exe) looks for the key file relative to the current directory and to the output directory. When using command-line compilers, you can simply. To generate the public/private key pair, enter this in the Command Prompt: ssh-keygen At the first prompt, “Enter file in which to save the key,” press Enter to save it in the default location. To generate an SSH key pair on Windows using the PuTTYgen program: Download and install PuTTY or PuTTYgen. To download PuTTY or PuTTYgen, go to and click the You can download PuTTY here link. Run the PuTTYgen program. The PuTTY Key Generator window is displayed. Set the Type of.

Q: I use PuTTY as my SSH client and generated my keys with PuTTYgen. Can I use these keys with Azure DevOps Services?

A: Yes. Load the private key with PuTTYgen, go to Conversions menu and select Export OpenSSH key.Save the private key file and then follow the steps to set up non-default keys.Copy your public key directly from the PuTTYgen window and paste into the Key Data field in your security settings.

Q: How can I verify that the public key I uploaded is the same key as I have locally?

A: You can verify the fingerprint of the public key uploaded with the one displayed in your profile through the following ssh-keygen command run against your public key usingthe bash command line. You will need to change the path and the public key filename if you are not using the defaults.

You can then compare the MD5 signature to the one in your profile. This check is useful if you have connection problems or have concerns about incorrectlypasting in the public key into the Key Data field when adding the key to Azure DevOps Services.

Q: How can I start using SSH in a repository where I am currently using HTTPS?

A: You'll need to update the origin remote in Git to change over from a HTTPS to SSH URL. Once you have the SSH clone URL, run the following command:

You can now run any Git command that connects to origin.

Q: I'm using Git LFS with Azure DevOps Services and I get errors when pulling files tracked by Git LFS.

A: Azure DevOps Services currently doesn't support LFS over SSH. Use HTTPS to connect to repos with Git LFS tracked files.

Q: How can I use a non default key location, i.e. not ~/.ssh/id_rsa and ~/.ssh/id_rsa.pub?

Jenkins Generate Ssh Key For Git Server

A: To use keys created with ssh-keygen in a different place than the default, you do two things:

1. The keys must be in a folder that only you can read or edit. If the folder has wider permissions, SSH will not use the keys.
2. You must let SSH know the location of the keys. You make SSH aware of keys through the ssh-add command, providing the full path to the private key.

On Windows, before running ssh-add, you will need to run the following command from included in Git for Windows:

This command runs in both Powershell and the Command Prompt. If you are using Git Bash, the command you need to use is:

You can find ssh-add as part of the Git for Windows distribution and also run it in any shell environment on Windows.

On macOS and Linux you also must have ssh-agent running before running ssh-add, but the command environment on these platforms usuallytakes care of starting ssh-agent for you.

Q: I have multiple SSH keys. How do I use different SSH keys for different SSH servers or repos?

Jenkins Create Ssh Key For Git

A: Generally, if you configure multiple keys for an SSH client and connect to an SSH server, the client can try the keys one at a time until the server accepts one.

However, this doesn't work with Azure DevOps for technical reasons related to the SSH protocol and how our Git SSH URLs are structured. Azure DevOps will blindly accept the first key that the client provides during authentication. If that key is invalid for the requested repo, the request will fail with the following error:

For Azure DevOps, you'll need to configure SSH to explicitly use a specific key file. One way to do this to edit your ~/.ssh/config file (for example, /home/jamal/.ssh or C:Usersjamal.ssh) as follows:

Generate Ssh Key Github

Q: What notifications may I receive about my SSH keys?

Jenkins Generate Ssh Key

A: Whenever you register a new SSH Key with Azure DevOps Services, you will receive an email notification informing you that a new SSH key has been added to your account.

Q: What do I do if I believe that someone other than me is adding SSH keys on my account?

A: If you receive a notification of an SSH key being registered and you did not manually upload it to the service, your credentials may have been compromised.

Jenkins Generate Ssh Key For Github

The next step would be to investigate whether or not your password has been compromised. Changing your password is always a good first step to defend against this attack vector. If you’re an Azure Active Directory user, talk with your administrator to check if your account was used from an unknown source/location.