Establishing a Private - Public Key Pair

Establishing a Private - Public Key Pair

Postby rkraft » Fri Sep 12, 2008 1:09 pm


Thought I might detail my experiences with establishing a private-public key pair in order to use tahoe-manager to update from the CVS repository. I'm using Linux RedHat Enterprise.

Along with this post you may also want to read this post:

First, make the private-public key pair on your local machine. It should look like this:

[HTML][prompt@localmachine %] ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/home/rkraft/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/rkraft/.ssh/id_dsa.
Your public key has been saved in /home/rkraft/.ssh/
The key fingerprint is:
##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:## username@hostname

NOTE: if you enter an new file name above to save the key, it may cause problems later on while accessing the CVS repository at SourceForge. For example, originally I typed id_dsa_tahoe for the key pair file name, which worked on the development server at, but did not work for because the authorized_key file at SourceForge looks for id_dsa by default. If you want to name the key pair something other than id_dsa, I will discribe what to do below.

In the meantime we NEXT: Check to make sure id_dsa and were created in ~/.ssh :
[HTML][prompt@localmachine %] ls -ltr ~/.ssh/
total 24
-rw-r--r-- 1 rkraft users 3467 Aug 27 15:34 known_hosts
-rw------- 1 rkraft users 248 Sep 12 15:03 config
-rw------- 1 rkraft users 616 Sep 12 15:14
-rw------- 1 rkraft users 672 Sep 12 15:14 id_dsa

If you are not a developer (i.e., you do not have access to and/or you just need access to the CVS repository at Sourceforge, you will need to log on to SourceForge and go the "Account Options" section.

On that web page you should see a link to [Edit SSH Keys for Shell/CVS] under the Host Access Information section. Click it and copy and paste your public key from the file. See attached picture. [img]CVS_SourceForge.jpg[/img] You will have to wait 10 minutes for it to register.

If you named your public key id_dsa when you generated it, and have waited 10 minute or so, you should now be able to access the CVS repository without needing to enter you password. NOTE: If you used a different name other than "" you will need to use the following command to access SourceForge without having to use a password:

[HTML][prompt@localmachine %] ssh -i id_dsa_filename

For the developers
, the next step is to copy to and add it to the list in the authorized_keys file located in ~/.ssh (NOTE: you may need to create the .ssh directory yourself). We do this in a series of steps . First, copy the file to your home directory at :

[HTML][prompt@localmachine %] scp ~/.ssh/

Then, log onto add it to the list of public keys in the authorized_key file:

[HTML][ %] cat ~/ >> ~/.ssh/authorized_keys

Next, Apply the correct permissions,
[HTML][ %] chmod 600 ~/.ssh/authorized_keys

For many of you out there, you should now be able to access and without needing to enter your password. However, it was not the case for me since I was dealing with some additional security constraints. This is what I had to do:

When you ssh, use:

[HTML]prompt@localmachine %] ssh -o PreferredAuthentications=publickey

or to save some typing, create a file in your .ssh directory call "config" and add the following lines for accessing both and

IdentityFile ~/.ssh/id_dsa
PreferredAuthentications publickey
IdentityFile ~/.ssh/id_dsa
PreferredAuthentications publickey
Host *
PreferredAuthentications gssapi-with-mic

It is easiest if you just stick with using id_dsa for the name of the private-public key pair.

NOTE: Depending on your settings, you may instead need to use:
PreferredAuthentications gssapi-with-mic,password,keyboard-interactive
For this beware, because I don't think SourceForge supports authentication by password or keyboard-interactive. See

Hope this helps someone. :)
CVS_SourceForge.jpg (67.39 KiB) Viewed 4723 times
Junior Member
Posts: 6
Joined: Tue Aug 19, 2008 11:44 am
Location: Baltimore, MD

Return to CVS

Who is online

Users browsing this forum: No registered users and 1 guest