Git: access a remote repository over ssh using a key file but without using ~/.ssh/config

Question

Is it possible to access (fetch/push) a remote repository using ssh and an identity file (with the private key) without adding an entry in the file ~/.ssh/config such as:

Host tingle
  HostName 111.222.333.444
  User git
  IdentityFile c/tmp/my_id_rsa

Everything works fine when configuring the ~/.ssh/config file. However we have a script which clones from a remote repo, checks out, starts testing, commits results and pushes them. The script need to run on any machine without touching the ssh config file.

Could you create a custom config file with what you have above that's only used where you need it (e.g. `ssh tingle -F my_custom_config`)? — Ownaginatious, Jun 07 '16 at 18:23
This answer might be useful. I stumbled on it while looking for something similar earlier this week. http://stackoverflow.com/a/4565746/1789724 — austin, Jun 07 '16 at 18:29
Check the post here: >http://stackoverflow.com/questions/7927750/specify-an-ssh-key-for-git-push-for-a-given-domain — prateek05, Jun 07 '16 at 18:31

score 10 · Answer 1 · answered Jun 10 '16 at 07:34

You can use the variable $GIT_SSH, see the documentation, to set a program that is invoked instead of ssh.

That way you can, e.g. do GIT_SSH=/my/own/ssh git clone https://my.own/repo.git

Adapt the contents of /my/own/ssh to your own need, e.g.:

#!/bin/bash
# Wrapper for ssh, to use identity file and known hosts file
exec /usr/bin/ssh -i /my/own/identity_file-o UserKnownHostsFile=/my/own/hosts.file "$@"

As far as I know this is currently the only way to do this without rather untidy path manipulations.

This works. Especially handy if our script creates an own host config file and add to the wrapper: exec /usr/bin/ssh - F our_ssh_host "$@" — Paul Pladijs, Jun 17 '16 at 09:24

score 4 · Answer 2 · answered Jun 10 '16 at 07:32

You could override the $GIT_SSH environment variable to use your own private key:

First, create a wrapper script. Let assume we call it gitssh.sh:

#!/bin/bash
ssh -i /path/to/mykey "$@"

Then, point $GIT_SSH to it:

export GIT_SSH=/path/to/gitssh.sh

Now, whenever you run a git command over ssh, it will be substituted with this script, and references your key.

murraybo · Answer 3 · 2016-06-10T08:45:07.460

The following should do the trick

GIT_SSH_COMMAND="ssh -i c/tmp/my_id_rsa" git push

This allows you to add parameters to the ssh execution without the need of an additional script file.

Depending on your script you can fine tune this by defining and exporting the environment variable GIT_SSH_COMMAND before the actual execution of git or use if etc. to only use it when you are communicating with tingle

In your config file you mention user and host, too. This should already be part of the git remote definition. If you still need to override this you could add these to the above command definition.

One remark the command above is not checking which host actually is invoked by git. But if you are desperate you could try to build a inline shell script with this "trick" that checks the hostname and mimics the config file host restriction ;-).

As a starter that would maybe look like this: GIT_SSH_COMMAND="bash -c \"if [ \\\"$1\\\" = \\\"user@host\\\" ] ; then ssh -i c/tmp/my_id_rsa $@ ; else ssh $@ ; fi \" -- " git push

I didn't test this and be aware of quoting ;-). It's for the desperate.

Dario · Answer 4 · 2016-06-15T16:13:36.167

3

If you want to use a custom ssh key you can try with this:

ssh-agent bash -c 'ssh-add /path/to/your/id_rsa; git clone git@github.com:repo'

In this way you don't need to write/edit any config file or modify your enviroment.

edited Jun 15 '16 at 16:13

answered Jun 12 '16 at 18:49

Dario

3,905
2
13
27

Git: access a remote repository over ssh using a key file but without using ~/.ssh/config

4 Answers4