kevin/how-to-contribute
1
0
Fork 1
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Added windows powershell setup for gitea #1

Open
umedina wants to merge 1 commits from umedina/how-to-contribute:main into main
pull from: umedina/how-to-contribute:main
merge into: kevin:main
Conversation 0 Commits 1 Files Changed 1 +248
1 changed files with 248 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit dc0f7f2823 - Show all commits

248
README.md
View File

@@ -15,3 +15,251 @@
`ssh code.kpuig.net` `ssh code.kpuig.net`
If this command gives you anything but an affirmative that you're configured correctly, that means you have misconfigured something, most likely in SSH but possibly in git. If this command gives you anything but an affirmative that you're configured correctly, that means you have misconfigured something, most likely in SSH but possibly in git.
# Using PowerShell for Git/Gitea over SSH (Windows)
This guide assumes some PowerShell experience. It walks you from setup → generating SSH keys → fixing permissions → testing → cloning/pushing with Git. It also includes simple PowerShell basics youll reuse later.
### 1) Open PowerShell (two ways)
---
- **Normal window (most tasks):** Press **Start** → type **PowerShell** → Enter.
- **Administrator window (needed for ownership/ACL fixes):** Start → type **PowerShell****Rightclick → Run as administrator**.
How to tell: the title bar will say **Administrator: Windows PowerShell** if elevated.
### 2) Check/OpenSSH is installed (client)
---
Most modern Windows include it already.
```powershell
ssh -V # shows version if installed
```
If you see an error:
1. **Settings****Apps****Optional features****Add a feature** → Install **OpenSSH Client**.
2. Reopen PowerShell and try `ssh -V` again.
### 3) PowerShell basics youll use
---
- **Current user home**: `C:\Users\<YourName>` (shortcut in PowerShell: `$env:USERPROFILE`)
- **Change directory**: `cd <path>`
Example: `cd $env:USERPROFILE\.ssh`
- **List files**: `dir` or `ls`
- **Create folder**: `New-Item -ItemType Directory -Path <path>`
- **View a file**: `type <file>` (or `notepad <file>` to open Notepad)
### 4) Create the **.ssh** folder (if it doesnt exist)
---
```powershell
$ssh = "$env:USERPROFILE\.ssh"
if (!(Test-Path $ssh)) { New-Item -ItemType Directory -Path $ssh | Out-Null }
cd $ssh
```
### 5) Generate an SSH key pair (private + public)
---
Use **ed25519** unless your host requires RSA.
```powershell
ssh-keygen -t ed25519 -C "your.email@example.com" -f "$env:USERPROFILE\.ssh\some_id"
```
- When prompted for a passphrase: press **Enter** (no passphrase) or set one for extra security.
- This creates two files:
- **`some_id`** (private key — **keep secret**)
- **`some_id.pub`** (public key — youll upload this)
> If you already have a key, skip generation and just make sure you know the file name.
### 6) Lock down privatekey permissions (Windows ACLs)
---
Open **PowerShell as Administrator** for this section.
```powershell
$k = "$env:USERPROFILE\.ssh\some_id"
# Make you the owner
icacls $k /setowner "$env:USERNAME"
# Stop inheriting broader folder permissions
icacls $k /inheritance:r
# Remove groups that make it too open (ignore errors if not present)
icacls $k /remove "BUILTIN\Administrators" "Users" "Authenticated Users" "Everyone" 2>$null
# Grant yourself read access (enough for SSH)
icacls $k /grant:r "$env:USERNAME:R"
# (Optional) allow SYSTEM read
icacls $k /grant:r "NT AUTHORITY\SYSTEM:R"
# Verify
icacls $k
```
Expected output includes only **`<YourName>:(R)`** (and optionally **`NT AUTHORITY\SYSTEM:(R)`**).
> If you see: **“WARNING: UNPROTECTED PRIVATE KEY FILE!”** later, rerun the ACL steps above.
### 7) Upload your **public** key to Gitea
---
1. Show/copy your public key:
```powershell
type "$env:USERPROFILE\.ssh\some_id.pub"
```
2. Go to your Gitea **Profile → Settings → SSH / GPG Keys → Add Key**.
3. Paste the entire singleline key (starts with `ssh-ed25519` or `ssh-rsa`). Save.
> **Never** upload the private key (`some_id`). Only the `.pub` file.
### 8) Tell SSH which key to use for your host
---
Create/edit `C:\Users\<You>\.ssh\config`:
```text
Host code.kpuig.net
User git
IdentityFile C:\Users\<You>\.ssh\some_id
IdentitiesOnly yes
# Port 22 # If your Gitea shows a different port, set it here
```
You can create this file via Notepad:
```powershell
notepad "$env:USERPROFILE\.ssh\config"
```
### 9) Test the SSH connection
---
```powershell
ssh -T git@code.kpuig.net # add -p <port> if needed
```
**Success looks like:**
```
Hi there, <username>! You've successfully authenticated ... but Gitea does not provide shell access.
```
If you see **PTY allocation request failed** — thats normal; its just saying theres no shell. Authentication still worked.
### 10) Use Git with SSH (clone, fetch, push)
---
```powershell
# Navigate to where you keep projects
cd $env:USERPROFILE\Projects
# Clone via SSH (check the clone URL in Gitea)
git clone git@code.kpuig.net:owner/repo.git
cd repo
# Typical workflow
git pull
# make changes
git add .
git commit -m "Your message"
git push
```
> If Git says “Permission denied (publickey)”: verify your `~/.ssh/config` host, the key path, and that the **matching** public key is in Gitea.
### 11) Common errors & quick fixes
---
**A) `Load key "... .pub": invalid format`**
You pointed SSH to the **public** key. Use the **private** key (no `.pub`).
**B) `WARNING: UNPROTECTED PRIVATE KEY FILE!`**
Reapply the ACLs from step 6 (only you should have Read on the private key).
**C) `Permission denied (publickey)`**
- Ensure the public key in Gitea matches your private key:
```powershell
ssh-keygen -y -f "$env:USERPROFILE\.ssh\some_id" > "$env:USERPROFILE\.ssh\some_id.pub"
```
- Confirm your SSH config host & port; try `ssh -vvv -T git@code.kpuig.net` and read the last lines.
**D) Host key changed / MITM warning**
If the server was rebuilt, clear the old fingerprint:
```powershell
ssh-keygen -R code.kpuig.net
```
Retry to accept the new host key.
### 12) Optional: `ssh-agent` convenience (cache passphrase)
---
If your private key has a passphrase:
```powershell
Start-Service ssh-agent # may require admin the first time
Get-Service ssh-agent
ssh-add "$env:USERPROFILE\.ssh\some_id"
```
Now SSH/Git can use the key without asking for the passphrase every time.
### 13) Quick glossary
---
- **PowerShell**: Windows command shell
- **SSH**: Secure shell protocol for authentication and Git
- **Private key**: Stays on your PC; keep secret
- **Public key**: Safe to upload; server uses it to verify you
- **ACL/Permissions**: Who can read a file
- **Gitea**: Selfhosted Git service
### 14) Copypaste checklist (TL;DR)
---
```powershell
# 1) Create folder
mkdir $env:USERPROFILE\.ssh -ea 0
# 2) Generate key
ssh-keygen -t ed25519 -C "your.email@example.com" -f "$env:USERPROFILE\.ssh\some_id"
# 3) Lock private key (Run PowerShell as Admin)
$k = "$env:USERPROFILE\.ssh\some_id"
icacls $k /setowner "$env:USERNAME"
icacls $k /inheritance:r
icacls $k /remove "BUILTIN\Administrators" "Users" "Authenticated Users" "Everyone" 2>$null
icacls $k /grant:r "$env:USERNAME:R"
# 4) Put pubkey into Gitea
notepad "$env:USERPROFILE\.ssh\some_id.pub" # copy to Gitea → Settings → SSH Keys
# 5) SSH config
notepad "$env:USERPROFILE\.ssh\config" # paste Host block pointing to some_id
# 6) Test
ssh -T git@code.kpuig.net
```
Youre ready to clone and push.