- Heroku Cookbook
- Mike Coutermarsh
- 418字
- 2021-08-05 17:14:29
Managing SSH keys
Heroku manages access to our application's Git repository with SSH keys. When we first set up the Heroku Toolbelt, we had to upload either a new or existing public key to Heroku's servers. This key allows us to access our Heroku Git repositories without entering our password each time.
If we ever want to deploy our Heroku applications from another computer, we'll either need to have the same key on that computer or provide Heroku with an additional one. It's easy enough to do this via the CLI, which we'll learn in this recipe.
How to do it…
To get started, let's fire up a terminal. We'll be using the keys command in this recipe by performing the following steps:
- First, let's view all of the existing keys in our Heroku account:
$ heroku keys === coutermarsh.mike@gmail.com Keys ssh-rsa AAAAB3NzaC...46hEzt1Q== coutermarsh.mike@gmail.com ssh-rsa AAAAB3NzaC...6EU7Qr3S/v coutermarsh.mike@gmail.com ssh-rsa AAAAB3NzaC...bqCJkM4w== coutermarsh.mike@gmail.com
- To remove an existing key, we can use
keys:remove. To the command, we need to pass a string that matches one of the keys:$ heroku keys:remove "7Qr3S/v coutermarsh.mike@gmail.com" Removing 7Qr3S/v coutermarsh.mike@gmail.com SSH key... done
- To add our current user's public key, we can use
keys:add. This will look on our machine for a public key (~/.ssh/id_rsa.pub) and upload it:$ heroku keys:add Found existing public key: /Users/mike/.ssh/id_rsa.pub Uploading SSH public key /Users/mike/.ssh/id_rsa.pub… done
Note
To create a new SSH key, we can run
$ ssh-keygen -t rsa. - If we'd like, we can also specify where the key is located if it is not in the default
/.ssh/directory:$ heroku keys:add /path/to/key.pub
How it works…
SSH keys are the standard method for password-less authentication. There are two parts to each SSH key. There is a private key, which stays on our machine and should never be shared, and there is a public key, which we can freely upload and share.
Each key has its purpose. The public key is used to encrypt messages. The private key is used to decrypt messages.
When we try to connect to our Git repositories, Heroku's server uses our public key to create an encrypted message that can only be decrypted by our private key. The server then sends the message to our machine; our machine's SSH client decrypts it and sends the response to the server. Sending the correct response successfully authenticates us.
Note
SSH keys are not used for authentication to the Heroku CLI. The CLI uses an authentication token that is stored in our ~/.netrc file.
- PHP程序設計(慕課版)
- JavaScript 網頁編程從入門到精通 (清華社"視頻大講堂"大系·網絡開發視頻大講堂)
- DevOps入門與實踐
- Web Development with Django Cookbook
- Apex Design Patterns
- 小學生C++創意編程(視頻教學版)
- 軟件測試技術指南
- ASP.NET程序設計教程
- Flutter跨平臺開發入門與實戰
- Solutions Architect's Handbook
- Julia High Performance(Second Edition)
- Data Manipulation with R(Second Edition)
- Building Clouds with Windows Azure Pack
- 算法訓練營:海量圖解+競賽刷題(入門篇)
- HTML5/CSS3/JavaScript技術大全