The sound distributed version control system

#753 Documentations on keys is not clear

Opened by iopq on January 19, 2023
iopq on January 19, 2023

I run

pijul key generate *name* then I add a password

I get some keys somewhere, but it’s not clear where. I find some stuff in ~/.config/pijul

It’s a json, so I paste the whole public key into the Nest field, it doesn’t like it. I paste the “key” portion and it doesn’t like it.

it just keeps saying Your key seems invalid. See the help pages about keys.

The help page doesn’t mention this error or what I should put in that text field other than:

 Uploading public keys

 Pijul and the Nest use two kinds of keypairs (public and secret): keys for signing patches, and keys for SSH access.

Then it goes on to say

SSH public keys

The Nest’s profile settings page contains a field to add SSH public keys. At the moment, supported formats are Ed25519 and RSA. Pijul can handle password-protected keys, and can talk to SSH agents.

But it doesn’t work when I add the public key in the Ed25519 format

I’m not sure, should I give the private key to Nest or public?

joyously on January 28, 2023

Are you referring to https://pijul.org/manual/keys.html or to the help text from pijul help key? Both refer to the pijul key prove command, but obviously it needs to be made clearer.

iopq on January 29, 2023

Ah, yes, I wasn’t sure how to do it because I needed to create a password. I signed up with Github so when I entered the key password it didn’t work

iopq on January 29, 2023

I did the prove thing

pijul key prove iopq@ssh.pijul.com
Password for iopq@ssh.pijul.com: 
Password for "/home/iopq/.config/pijul/secretkey.json": 

now what? When I try to push

pijul push iopq@ssh.pijul.com/iopq:nixos-config
Password for iopq@ssh.pijul.com: 
Repository not found, or insufficient permissions
Error: Remote exited with status 1
spacefrogg on February 10, 2023
pijul push iopq@ssh.pijul.com/iopq:nixos-config

This line looks wrong. /iopq should go between the colon and nixos-config.

Did you create the repository, first? See the manual.

iopq on February 28, 2023

if I put the /iopq in between the colon and nixos-config it will be

pijul push iopq@ssh.pijul.com:/iopqnixos-config

should I put another slash in there like

pijul push iopq@ssh.pijul.com:iopq/nixos-config

I got

Error: Remote channel “723504b46db504164f1bddfa165bbfc7cd60337a” not found

iopq on February 28, 2023

Another issue is I had to push to the channel main

pijul push iopq@ssh.pijul.com:iopq/nixos-config –to-channel main

I tried creating another channel in the web interface, it showed a checkmark and did nothing

iopq on February 28, 2023

so I wanted to name my remote nest or something

https://discourse.pijul.org/t/how-to-add-named-remote/870/4

I followed this, but pijul remote doesn’t show the nest remote (like it says in that thread)

My file is <repo>/.pijul/config

the docs say it should be config.toml so I might have an older version (I have pijul 1.0.0-beta.2)

iopq on February 28, 2023

I first did

pijul channel rename main

then with the config change I can now do

pijul push nest

and then it prompts me for a password, how do I avoid typing the password in every time?

spacefrogg on March 2, 2023

It is the purpose of an “SSH agent” to cache your password. Availability and configuration depends on your operating system. Generally, it will ask for your password in a separate dialogue and cache it for a configurable amount of time. Additionally, you may be able to pre-load your SSH key, ssh-add is the tool on Linux to do that, such that you never have to enter the password throughout a login session.

daniel-pfeiffer on November 14, 2024

I am also bewildered about initial setting up. I have guessed I need to ssh-keygen, which gives me this. I have successfully uploaded that (tried both with and without the email-like comment) to Nest:

ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHUEEFwrD7uXxcWXfKQaX2e3jSvbcU8EYvU6Vo4UFn2D pfeiffer@trobador

I have generated a new identity (and also tried uploading both that key and signature, but neither were accepted as valid:)

username = "daniel-pfeiffer"
origin = "ssh.pijul.com"
last_modified = "2024-11-14T09:23:57.423742387Z"

[public_key]
version = 0
algorithm = "Ed25519"
signature = "5tGrS6TQJeANzbjbq6Qn5KETau5w7jVPPxcnhvSC9LdwgBKgJYFQH3ASf8osgYMLgr94oNxuEhmxVNzdMkXX3p4F"
key = "BgiW91dKFhJkXuN36Rs1WWwrPDyRm8nKtCc9fXfUNHJo"

In config.toml I have tried, none (since you say it’s optional) or only either one of these key_path lines at a time:

[author]
name = "daniel-pfeiffer"
key_path = "/home/pfeiffer/.ssh/id_ed25519"
key_path = "/home/pfeiffer/.ssh/id_ed25519.pub"

All to no avail. This always either hangs forever after the 1st line, or quickly comes back with an error:

$ pijul identity prove ssh.pijul.com
Linking identity `daniel-pfeiffer` with daniel-pfeiffer@ssh.pijul.com
Warning: Unable to automatically authenticate with server. Please make sure your SSH keys have been uploaded to the Nest.
For more information, please visit https://pijul.org/manual/the_nest/public_keys.html#ssh-public-keys
Error: Not authenticated. Please check your credentials and try again.
iopq on June 12, 2025

Coming back, forgot what I did to make it work, still just as confusing as last time

pijul identity edit hangs when I give it the ~/.ssh/id_rsa key

EDIT: this is because I didn’t do ssh-add ~/.ssh/id_rsa

sounds like something that should be mentioned in the setup

EDIT: still getting

Warning: Unable to automatically authenticate with server. Please make sure your SSH keys have been uploaded to the Nest.

but I have uploaded the SSH key to the nest