Categories
git GNU/Linux ssh Windows

Dealing with SSH key management in a mixed Windows and GNU/Linux environment with WSL.

I am going to drop a bunch of tips which may be useful to people using SSH in a extensive way for development to authenticate against their remote git user in say Gitlab, Gitea, Github or Bitbucket and happens to not being able to work in the best operative system for development.

The first thing is SSH key generation, you surely would not like to have to update your SSH key in the remote Git server because you accidentally generated a new pair of keys so you should be careful while typing the ssh-keygen, you should do it before submiting your key to the remote server and NEVER again.

Choose carefully the root of your ssh keys in every computer and put yourself the rule of never overriding that SSH key pair to avoid losing accidentally the access to the remote repository.

That said you install your GNU/Linux distribution of choice, generate a key pair and submit the .ssh/id_rsa.pub to the remote repository and then you should be able to work from your WSL user cloning repositories, but then you want to clone the repository in for example a directory owned by www-data.

You may try:

cd /var/www/
sudo git clone ssh://user@host/myfancyrepo

That will give you a beautiful permission denied and you may stick confused because of this, but you should be aware ssh keys are private for every user, so if you think about it, it’s simply logic root has different ssh keys than your user.

A correct approach would be:

sudo mkdir ~root/.ssh
sudo cp ~/.ssh/id_rsa{,.pub} ~root/.ssh
sudo git clone ssh://user@host/myfancyrepo

But correct is not good, a better approach would be to do it with the user owner of the folder like this since when the directory with the repository is created if it needs some sort of installation, say composer or npm you will be tempted to do that installation with root which is absolutely discouraged.

sudo mkdir ~www-data/.ssh
sudo cp ~/.ssh/id_rsa{,.pub} ~www-data/.ssh/
sudo -u www-data git clone ssh://user@host/myfancyrepo

If you are too often having to use git repositories outside your WSL environment in Windows folders, you will find soon how slow it can get, I recommend you to install the Git for Windows and ensure it is in the Windows PATH and then add this lines to your .bashrc:

export WIN_DIR=/mnt/c
export GIT=$(which git)

git_wrapper() {
    if perl -e 'exit int($ARGV[1] !~ /^@{[$ARGV[0]]}(?:\/|$)/)' $WIN_DIR $PWD; then
        git.exe $@ 
    else  
        $GIT $@
    fi      
}

alias git=git_wrapper 

You will need to copy your SSH keys to the Windows user like this:

sudo mkdir -pv /mnt/c/Users/<youruser>/.ssh/
sudo cp ~/.ssh/{id_rsa{,.pub} /mnt/c/Users/<youruser>/.ssh/

This should allow you to painlessly be able to use wsl to work with both WSL repositories and Windows ones.

This post is a compilation of common issues I have been seen and suffered during the development in Windows in my job and I hope it helps somebody else to do not fall in some traps to the newbies leading with SSH key management.