
How to avoid getting locked out of your GIT repo / SSH?

I created ssh keys using ssh-keygen and then created a repo on a source code repo site, assembla.com as a GIT repository. I had to upload the file with my private key (or was it my public key?) to the repo and now I am able to clone no problem.

I had a friend try and access the repo and he wasn't able to, which is good because I had not configured any guests to the repo and wanted it to be private.

But now I am unsure about how to ensure that I do not lose access to my own repo in the future. Do I need to keep a copy of my .ssh folder from my user dir? Export keychains from the keychain tool in Mac OS X? I'm still trying to get a full understanding of how this works but doesn't SVN simply need username+pass for repo access? What should I do so I can confidently and safely use a GIT SSH repo such that I won't lose access to it in future?


You should keep your private ssh key in a dry, warm, sunless, secure place: your HDD, your backup HDD, your backup place in some other city/country.

Since your key is protected with a strong, long, fat, random, secure password, you can save it "as is", but it is better to keep it private.


The three files in your .ssh folder:

  • known_hosts is just a list of hosts you've connected to. Its primary purpose is protecting you from man-in-the-middle attacks, where someone evil pretends to be the host you try to connect to. You might as well include it in your backups, but it won't make you lose access.

  • id_rsa is the private key. This is what you use to identify yourself. As the name says, it's private. Anyone who has it is, as far as this keypair is concerned, you. You should certainly back it up - but safely!

  • id_rsa.pub is the public key. This is what you actually give people. When you ssh somewhere using keypair authentication, it's the combination of the public key on the server and the private key from your client that authenticates you. Back it up too; without it, everything you're currently doing will keep working, but you wouldn't be able to pass it out to any more servers, so you'd be kinda stuck.

As for empty passphrases, well, a lot of people do that. It's certainly not the most secure, but there are worse sins to commit. The passphrase is just an extra layer of protection. To be identified as you, you have to provide the private key (something you own) and the passphrase (something you know). In terms of avoiding getting locked out of an account, well, don't forget it and you won't have problems. An empty one gives you increased convenience, and no danger of forgetting it, at the cost of some security.

Finally, most git hosting doesn't use ssh access exclusively. If you have an account with assembla that can be authenticated some other way, then you might have the ability to come back and add or swap out keypairs.
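
Before copying the key files described above into a backup, it helps to know which private keys carry a passphrase and whether each `.pub` file really belongs to its private key. The following is an added example, not part of the original answers: it reads only the cleartext header of a private key file (the OpenSSH `openssh-key-v1` container stores the cipher name and the public key unencrypted), so no passphrase is needed. The function names are illustrative, and `make_sample` builds a constructed container with placeholder bytes, not a usable key.

```python
import base64
import struct

MAGIC = b"openssh-key-v1\x00"

def _read_string(buf, off):
    """Read one SSH wire-format string (uint32 length + bytes)."""
    (n,) = struct.unpack_from(">I", buf, off)
    start = off + 4
    if start + n > len(buf):
        raise ValueError("truncated key data")
    return buf[start:start + n], start + n

def inspect_private_key(text):
    """Return (passphrase_protected, embedded_public_blob_or_None)."""
    lines = [ln.strip() for ln in text.strip().splitlines()]
    if not lines or not lines[0].startswith("-----BEGIN "):
        raise ValueError("not a PEM-armoured private key")
    label = lines[0][len("-----BEGIN "):-len("-----")]
    if label == "OPENSSH PRIVATE KEY":
        raw = base64.b64decode("".join(lines[1:-1]))
        if not raw.startswith(MAGIC):
            raise ValueError("bad openssh-key-v1 magic")
        cipher, off = _read_string(raw, len(MAGIC))
        _kdfname, off = _read_string(raw, off)
        _kdfopts, off = _read_string(raw, off)
        off += 4  # uint32 number of keys
        pub, _ = _read_string(raw, off)
        return cipher != b"none", pub
    if label == "ENCRYPTED PRIVATE KEY":  # PKCS#8 states it in the label
        return True, None
    # Legacy PEM (e.g. "RSA PRIVATE KEY") flags encryption in a Proc-Type header.
    return any(ln.startswith("Proc-Type:") and "ENCRYPTED" in ln for ln in lines), None

def pub_matches(pub_line, embedded_blob):
    """Compare the base64 blob of an id_*.pub line with the blob in the private key."""
    return base64.b64decode(pub_line.split()[1]) == embedded_blob

def _ssh_str(b):
    return struct.pack(">I", len(b)) + b

def make_sample(cipher):
    """Constructed container with placeholder bytes, NOT a usable key."""
    pub = _ssh_str(b"ssh-ed25519") + _ssh_str(b"\x01" * 32)
    body = (MAGIC + _ssh_str(cipher) + _ssh_str(b"none") + _ssh_str(b"")
            + struct.pack(">I", 1) + _ssh_str(pub) + _ssh_str(b"\x00" * 8))
    pem = ("-----BEGIN OPENSSH PRIVATE KEY-----\n" + base64.encodebytes(body).decode()
           + "-----END OPENSSH PRIVATE KEY-----\n")
    return pem, "ssh-ed25519 " + base64.b64encode(pub).decode() + " constructed@example"
```

For a real key, pass the file contents, e.g. `inspect_private_key(open(path).read())`, and the first line of the matching `.pub` file to `pub_matches`.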
