Accessing private repositories and setting up write access

Summary

This article explains how to authorize SSH key to be able to push changes and pull from not-whitelisted repositories.

Access to private repositories is available on paid plans only. Not using paid plan? Upgrade

See also

What happens behind the scenes

If you create a new project from public whitelisted git repository then you don't need anything but repository URL and, optionally, branch and root folder name. However, when it comes to accessing private repository, you need to do some extra setup.

We use public key authentication for accessing git repositories, and internally we generate your personal unique public and private keys. To be able to read from a private repository you need to upload your public key to the repository server. Below you can find step-by-step instructions for the most popular git hosting services.

SSH keys authentication works only when accessing repository over SSH. In this case the URL looks like user@example.com:path/to/repo.git. Git hosting services usually allow for choosing the format of the repository URL.

Setup instructions

Before you start setting up your git server you need to copy your public key to the clipboard. Open New Project dialog, go to From git tab, expand SSH key section, select everything inside the text area and copy the selection into the clipboard.

GitHub
  1. Go to ssh keys section in your GitHub account settings.
  2. Click "Add SSH key" button in the top-right corner.
  3. Fill the title field in the shown form with anything you want. For example, "Papeeria web interface".
  4. Paste the copied key to "Key" field, click "Add key".
  5. That's it, now you can read and write to all your repositories on GitHub.
Bitbucket
  1. Go to your Bitbucket account settings.
  2. Open SSH keys settings.
  3. Click "Add key" button.
  4. Paste the copied key into the key field.
  5. Fill the label field with anything you want. For example, "Papeeria web interface".
  6. Click "Add key" button.
  7. That's it, now you can read and write to all your repositories on Bitbucket.
GitLab
  1. Go to ssh keys section in your GitLab account settings.
  2. Click "Add SSH key" button in the top-right corner.
  3. Fill the title field in the shown form with anything you want. For example, "Papeeria web interface".
  4. Paste the copied key to "Key" field, click "Add key".
  5. That's it, now you can read and write to all your repositories on GitLab.
Your own server

Generally you should follow the instructions on configuring secure shell on your operating system, e.g. this manual for Unix-like systems. Below is a short summary which should work in most cases, but your mileage may vary.

  1. Login to the server as the user specified in the repository url. For example, if the url looks like john@example.com:path/to/repo.git, then login to example.com as john.
  2. Paste the copied key on separate line in file ~/.ssh/authorized_keys. If file doesn't exist, just create it.
  3. That's it, now you can read and write to repositories on the server from Papeeria web interface.

Security notes

Your key pair is created personally for you and is unique. You can't read data from repository where your public key is not authorized, and nobody can read data from your repository if they don't know your private key. Public key is, well, public and is safe to share. Private key should be kept in secret, and we store it according to our terms of service. Given that you can authorize as many key pairs as you wish, most likely you don't need the private key generated by us outside of Papeeria, so we don't even show it to you. However, if you really need it, just drop us an email. Also send us an email if you want to re-generate your key pair (this is just not yet in the UI).

When you add a key generated by Papeeria into the git hosting account, you grant us read and write access to all repositories accessible to the account, not only to the one which you fetch into Papeeria. We promise not to abuse these privileges but if you want to be even more safe, you can do the following:

  1. Create a new git hosting user yourusername-papeeria.
  2. Grant that user read access to the repository which you want to fetch into Papeeria using the repository settings on the git hosting.
  3. Complete the instructions given above for that user.

In this case Papeeria will be able to read only those repositories which are readable by yourusername-papeeria.