- Heroku Cookbook
- Mike Coutermarsh
- 418字
- 2021-08-05 17:14:29
Managing SSH keys
Heroku manages access to our application's Git repository with SSH keys. When we first set up the Heroku Toolbelt, we had to upload either a new or existing public key to Heroku's servers. This key allows us to access our Heroku Git repositories without entering our password each time.
If we ever want to deploy our Heroku applications from another computer, we'll either need to have the same key on that computer or provide Heroku with an additional one. It's easy enough to do this via the CLI, which we'll learn in this recipe.
How to do it…
To get started, let's fire up a terminal. We'll be using the keys command in this recipe by performing the following steps:
- First, let's view all of the existing keys in our Heroku account:
$ heroku keys === coutermarsh.mike@gmail.com Keys ssh-rsa AAAAB3NzaC...46hEzt1Q== coutermarsh.mike@gmail.com ssh-rsa AAAAB3NzaC...6EU7Qr3S/v coutermarsh.mike@gmail.com ssh-rsa AAAAB3NzaC...bqCJkM4w== coutermarsh.mike@gmail.com
- To remove an existing key, we can use
keys:remove. To the command, we need to pass a string that matches one of the keys:$ heroku keys:remove "7Qr3S/v coutermarsh.mike@gmail.com" Removing 7Qr3S/v coutermarsh.mike@gmail.com SSH key... done
- To add our current user's public key, we can use
keys:add. This will look on our machine for a public key (~/.ssh/id_rsa.pub) and upload it:$ heroku keys:add Found existing public key: /Users/mike/.ssh/id_rsa.pub Uploading SSH public key /Users/mike/.ssh/id_rsa.pub… done
Note
To create a new SSH key, we can run
$ ssh-keygen -t rsa. - If we'd like, we can also specify where the key is located if it is not in the default
/.ssh/directory:$ heroku keys:add /path/to/key.pub
How it works…
SSH keys are the standard method for password-less authentication. There are two parts to each SSH key. There is a private key, which stays on our machine and should never be shared, and there is a public key, which we can freely upload and share.
Each key has its purpose. The public key is used to encrypt messages. The private key is used to decrypt messages.
When we try to connect to our Git repositories, Heroku's server uses our public key to create an encrypted message that can only be decrypted by our private key. The server then sends the message to our machine; our machine's SSH client decrypts it and sends the response to the server. Sending the correct response successfully authenticates us.
Note
SSH keys are not used for authentication to the Heroku CLI. The CLI uses an authentication token that is stored in our ~/.netrc file.
- iOS 9 Game Development Essentials
- Java游戲服務(wù)器架構(gòu)實(shí)戰(zhàn)
- 云原生Spring實(shí)戰(zhàn)
- Practical Windows Forensics
- PLC編程及應(yīng)用實(shí)戰(zhàn)
- 數(shù)據(jù)結(jié)構(gòu)(C語言)
- Java軟件開發(fā)基礎(chǔ)
- Apache Mesos Essentials
- Instant Debian:Build a Web Server
- Serverless Web Applications with React and Firebase
- Java并發(fā)實(shí)現(xiàn)原理:JDK源碼剖析
- The Applied Data Science Workshop
- Android項(xiàng)目實(shí)戰(zhàn):博學(xué)谷
- Python網(wǎng)絡(luò)爬蟲從入門到實(shí)踐
- C語言從入門到精通(微視頻精編版)