How to config mercurial to push without asking my password through ssh?

Asked 29/8, 2010 at 9:48 Answered 30/5, 2015 at 23:10

I use mercurial in my project, and every time I push new changesets to the server by ssh, it ask me for a password.
Then how to config the mercurial to push with out asking password?

I works on Ubuntu 9.10

Drenthe answered 29/8, 2010 at 9:48 Comment(4)

As both the answers below hint at without saying ssh, by design, doesn't allow you specify your password on the command line, in a config file, in an environment variable, or anywhere else insecure like that. Instead you'll have to use a public/private key pair and do a little setup on both the client and the server. You've got good unix/mac and windows answers below. – Seedbed 29/8, 2010 at 13:25

Also, in future, specify your OS as the configuration varies a lot. – Polynuclear 30/8, 2010 at 10:58

I'm so sorry for the missing info, tank you OJ. – Drenthe 30/8, 2010 at 15:28

No problem :) Just for future reference! – Polynuclear 1/9, 2010 at 13:52

On Linux and Mac, use ssh-agent.

Ensure you have an ssh keypair (see man ssh-keygen for details)
Copy your public key (from ~/.ssh/id_dsa.pub) to the remote machine, giving it a unique name (such as myhost_key.pub)
Log in to the remote machine normally and append the public key you just copied to the ~/.ssh/authorized_keys file
Run ssh-add on your local workstation to add your key to the keychain

You can now use any remote hg commands in this session without requiring authentication.

Barthol answered 29/8, 2010 at 9:59 Comment(2)

What should I do on the new 'myhost_key.pub' on the server side? I just copy it to ~/.ssh/ dir, and touched a new file called 'authorized_keys'. and then added one line in it:'myhost_key.pub'. But it dosen't work; – Drenthe 30/8, 2010 at 3:31

You need to append the contents of the public key to the authorized_keys file, not just put a reference to it. The reason the instructions don't say to copy it to that name directly is to not overwrite its existing contents. So step 2 gets the key onto the remote host, and step 3 is to put its contents into the correct file. After that, you can delete the copied myhost_key.pub. I hope that clarifies things. – Barthol 30/8, 2010 at 7:47

Assuming you're using Windows, have a read of my Mercurial/SSH guide. Down the bottom of the post you'll find info on how to use PuTTy to do this for you.

Edit: -- Here's the part of the post that I'm talking about (bear in mind you'll need to have pageant running with your key already loaded for this to work):

Client: Setting up Mercurial

If you haven't already, make sure you install Mercurial on the client machine using the default settings. Make sure you tell the installer to add the Mercurial path to the system PATH.

The last step of configuration for the client is to tell Mercurial to use the PuTTy tools when using SSH. Mercurial can be configured by a user-specific configuration file called .hgrc. On Windows it can also be called Mercurial.ini. The file is located in your home folder. If you don't know what your home folder is, simply open a command prompt and type echo %USERPROFILE% - this will tell you the path.

If you haven't set up your configuration yet, then chances are the configuration file doesn't exist. So you'll have to create it. Create a file call either .hgrc or Mercurial.ini in your home folder manually, and open it in a text editor. Here is what part of mine looks like:

[ui]
username = OJ Reeves

editor = vim
ssh = plink -ssh -i "C:/path/to/key/id_rsa.ppk" -C -agent

The last line is the key and this is what you need to make sure it set properly. We are telling Mercurial to use the plink program. This also comes with PuTTy and is a command-line version of what the PuTTY program itself does behind the scenes. We also add a few parameters:

-ssh : Indicates that we're using the SSH protocol.
-i "file.ppk" : Specifies the location of the private key file we want to use to log in to the remote server. Change this to point to your local putty-compatible ppk private key. Make sure you user forward-slashes for the path separators as well!
-C : This switch enables compression.
-agent : This tells plink to talk to the pageant utility to get the passphrase for the key instead of asking you for it interactively.

The client is now ready to rock!

Polynuclear answered 29/8, 2010 at 9:50 Comment(0)

Install PuTTY.

If you're on Windows, open projectdir/.hg/hgrc in your favorite text editor. Edit it to look like this:

[paths]
default = ssh://[email protected]/name/project

[ui]
username = Your Name <[email protected]>
ssh = "C:\Program Files (x86)\PuTTY\plink.exe" -ssh -i "C:\path\to\your\private_key.ppk" -C -agent

If it's taking forever to push, the server might be trying to ask you a question (but it's not displayed).

Run this:

"C:\Program Files (x86)\PuTTY\plink.exe" -T [email protected] -i "C:\Program Files (x86)\PuTTY\plink.exe" -ssh -i "C:\path\to\your\private_key.ppk"

Answer any questions, and then try pushing again.

If you're using Bitbucket, open your private key with puttygen, copy your public key out of the top textbox, and add it to your user account: https://bitbucket.org/account/user/USERNAME/ssh-keys/

Minutia answered 30/5, 2015 at 23:10 Comment(0)

Client: Setting up Mercurial

Recommended topics

Hot tags