Gitolite SSH Setup

Last modified by Unknown User on 2017/04/03 06:49

Back to Support 

Gitolite SSH Setup

Create ssh key

  • To create a key-pair, run ssh-keygen with the -t option. The -t option specifies which crypto system you want the key to use. The valid options are "rsa", "dsa". In this example, we have elected to use RSA authentication:

              $ ssh-keygen -t rsa
              Generating public/private rsa key pair

  • Next you will be prompted for a passphrase, which is used to encrypt the private key. After you enter the passphrase you will be asked to verify it.

              Enter file in which to save the key (/home/sshuser/.ssh/id_rsa):
              Enter passphrase (empty for no passphrase): **********************
              Enter same passphrase again: **********************

  • If the two passphrases do not match, you will be given an error message and asked to enter the passphrases in again, as shown below.

              Passphrases do not match. Try again.
              Enter passphrase (empty for no passphrase): **********************
              Enter same passphrase again: **********************

  • Once the passphrases match, ssh-keygen will display a message indicated where the public and private keys will be saved.

              Your identification has been saved in /home/sshuser/.ssh/id_rsa.
              Your public key has been saved in /home/sshuser/.ssh/
              The key fingerprint is:

Configure ssh client settings

  • Edit your ssh client configuration, such that ssh requests to are sent over port 9222. This is accomplished by creating or modifying /home/sshuser/.ssh/config with the following value.

                 Port 9222
                 identityfile <The path to the private key you generated> such as: /home/sshuser/.ssh/id_rsa

  • Check that the file permissions are set properly on /home/sshuser/.ssh/config.  You can set the correct permissions by running the following command:

              chmod 644 ~/.ssh/config

Submitting your SSH key to CAF

  You must generate your SSH public/private key pair and send us the public key GPG encrypted via e-mail to

If you have never used gpg before, you need to initialize your key first:

If you're not certain and you're getting an error message like: "Can't open <username>.pub: No such file or directory" you need to follow this step.

  • gpg --gen-key
  • Follow all the prompts to generate a GPG key.

Then you can receive our key and sign your key:

  1. gpg --recv-keys CA609BC6
  2. gpg --armor --encrypt -r <yourCAFusername>.pub
  3. This will produce <yourCAFusername>.pub.asc
  4. Send an e-mail to with the subject of: SSH Key for user:
  5. In the e-mail please detail what project/repositories you need access to.
  6. Attach the to the e-mail
  7. If you wish you can then delete the key: gpg --delete-keys CA609BC6

  We will then verify with the project administrators that you should have access and grant it.

Update git config if necessary

  • If converting from a standard CAF project to gitolite you may need to update your git config file for the new project location.  

              git remote set-url origin<project path> such as: quic/la/device/common.git

Created by Greg Stinocher on 2013/04/25 13:54
This wiki is licensed under a Creative Commons 2.0 license
XWiki Enterprise 7.4.3 - Documentation