How-to Cards
The practical and handy reference
Home | Categories | Search
You are viewing the public, limited version of the How-to Cards. Connect to the University network physically or via VPN to see all cards.
Card categories
Outline
Last modification
2024-05-15

Key-based Authentication on GitLab#

Key-based authentication allows GitLab users to identify their device once on their account and avoid having to log in via their credentials every time. GitLab uses SSH protocol to communicate with Git.

SSH uses a public and a private key:

  • The public key must be registered in GitLab, where it “identifies” your device.
  • The private key must stay secret and preferably you should only keep it on a single device. The private key is the only key that can be used to authenticate your identity against the public key uploaded to GitLab – if it becomes public, anyone can impersonate your identity and thus use your GitLab account. Make sure you do NOT upload the private key anywhere by accident, not even to GitLab.

Prerequisites#

To use SSH, one of the following must be installed on your device:

  • The OpenSSH client, which comes pre-installed on GNU/Linux, macOS, and Windows 10 via Powershell or WSL.
  • SSH version 6.5 or later. Earlier versions used an MD5 signature, which is not secure.

To view the version of SSH installed on your system, run the following command in your terminal (on Linux or macOS) or Git Bash (on Windows):

ssh -V

Key Generation#

Please note that the steps below describe SSH key generation

If you already have one, your existing key may be overwritten.

  1. Start a terminal

  2. Type the following command at the command prompt and run it after replacing your firstname and lastname:

ssh-keygen -t ed25519 -C firstname.lastname@uni.lu

  1. Accept the suggested filename and directory

  2. Press Enter to continue. Defining a password is not necessary and can be skipped.

  3. To copy the contents of your public key file into the clipboard, run the following command:

    • For macOS:
    tr -d '\n' < ~/.ssh/id_ed25519.pub | pbcopy
    • For Windows:
    cat ~/.ssh/id_ed25519.pub | clip

Saving the SSH Key on GitLab#

Once the content of the public key is copied in the clipboard, you need to register it with your GitLab account.

To save your key to your account:

  1. Log in to GitLab using your LUMS account

  2. Navigate to the Preferences menu

    preferences

  3. User settings will be displayed on the left-hand side menu. Click on the SSH Keys option

    ssh-menu

  4. On the SSH Keys page, click on Add new key button to add your public key

    new-key

  5. Paste your new key into the Key box, name the key and save it by clicking the Add key button

    key-details

Troubleshooting#

Please refer to the GitLab Docs or create a ticket for further assistance regarding the key-based authentication.

The contents are available under CC-BY-SA 4.0 LICENSE.