ansible/infra-automation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
ac5e403616c8b55fdc39ca2dd04cf49ca756bc9b
infra-automation/docs/git-ssh-setup.md
ansible 4e28d1633a Update git authentication and documentation 
- Created ed25519 SSH key for git operations (secrets/ssh/ansible)
- Configured git to use SSH key authentication with IdentitiesOnly
- Recreated Gitea repository with proper SSH access (ID: 29)
- Added SSH agent auto-initialization script (.ssh-agent-init)
- Created comprehensive git SSH setup documentation
- Updated TODO.md to reflect resolved git push issues
- All git operations now use SSH key authentication

SSH Key Details:
- Passphrase: Documented in secrets/ssh/README.md
- Fingerprint: SHA256:mkgq5V567C/CJas9nbP16kNzzVqs7z7k2X90qdP0QXE
- Auto-load: source /opt/ansible/.ssh-agent-init

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-11 14:13:34 +01:00

123 lines
2.4 KiB
Markdown
Raw Blame History

# Git SSH Key Setup for Gitea
## Overview
Git is now configured to use SSH key authentication for all operations with `git.mymx.me`.
## SSH Key Details
- **Location**: `/opt/ansible/secrets/ssh/ansible`
- **Type**: ed25519
- **Fingerprint**: `SHA256:mkgq5V567C/CJas9nbP16kNzzVqs7z7k2X90qdP0QXE`
- **User**: `ansible@mymx.me`
- **Passphrase**: Stored in `secrets/ssh/README.md`
## Configuration
### Git Configuration
Git has been configured to use the SSH key:
```bash
git config core.sshCommand "ssh -i /opt/ansible/secrets/ssh/ansible"
```
### SSH Agent Initialization
An automatic SSH agent initialization script has been created at `/opt/ansible/.ssh-agent-init`.
To use in new shells, add to your shell profile:
```bash
source /opt/ansible/.ssh-agent-init
```
This script will:
1. Start ssh-agent if not running
2. Load the ansible SSH key with passphrase automatically
3. Persist the agent across shell sessions
## Usage
### Current Shell
In your current shell, source the initialization script:
```bash
source /opt/ansible/.ssh-agent-init
```
### Git Operations
All standard git operations now work with SSH authentication:
```bash
# Fetch updates
git fetch origin
# Pull changes
git pull origin master
# Push commits
git push origin master
# Check remote
git ls-remote origin
```
### Manual SSH Key Management
If you need to manually manage the SSH key:
```bash
# Check loaded keys
ssh-add -l
# Add key manually (will prompt for passphrase)
ssh-add /opt/ansible/secrets/ssh/ansible
# Remove key from agent
ssh-add -d /opt/ansible/secrets/ssh/ansible
```
## Troubleshooting
### "Could not open a connection to your authentication agent"
Run the initialization script:
```bash
source /opt/ansible/.ssh-agent-init
```
### "Permission denied (publickey)"
Ensure the key is loaded in ssh-agent:
```bash
ssh-add -l
```
If not listed, source the initialization script or add manually.
### Verify SSH Connection
Test SSH connection to Gitea:
```bash
ssh -T git@git.mymx.me -p 2222 -i /opt/ansible/secrets/ssh/ansible
```
## Security Notes
- Private key is stored in `secrets/` directory (should be in separate git repository)
- Passphrase is documented in `secrets/ssh/README.md`
- SSH key has read/write access to ansible repositories on git.mymx.me
- Key was uploaded to Gitea with Key ID: 5
## References
- Passphrase details: `secrets/ssh/README.md`
- SSH config: `~/.ssh/config`
- Git config: `.git/config` (core.sshCommand)
Reference in New Issue View Git Blame Copy Permalink