Good news! Customers using Kiln can now use SSH!

When SSH is enabled, the Clone URL links on repository pages give an option to choose between HTTP(S) and SSH protocols. Mercurial, Git, and TortoiseHg operations like clone, pull, and push can use either the SSH or HTTP server address.

If you’ve already configured SSH, you can find the SSH/HTTP toggle on the upper-right of every repository. It will provide the exact clone URL for Hg and Git for either HTTP or SSH.

ssh

Before you start using SSH, though, you’ll need to do some extra configuration.

Windows Users

  1. Install Client Tools
    1. The Kiln 3.0 Client Tools include an updated TortoiseHg that resolves some known SSH issues. If you haven’t already upgraded, now’s a good time.Pageant is what you’ll use to talk to Kiln via SSH; by default, Pageant is installed in C:\Program Files\TortoiseHg\pageant.exe. The latest version of Pageant can be obtained from the PuTTY utilities download page.
    2. If you run the client tools on Windows Server 2003 or earlier, you’ll need to update pageant.exe manually; PuTTY 0.60 (the version we ship) is not fully compatible with Windows Server 2003.
  2. Generate client SSH key and configure Mercurial to use it
    1. Create a new SSH-2 RSA key with PuTTYgen. We recommend 2048 or 4096 bit keys. PuTTYgen is available from the PuTTY utilities download page.
    2. Add a passphrase and save the key as a private key in PuTTYgen, and optionally put it in your Startup group so that the key will automatically be loaded when you log in.
    3. Double-click the saved key to load it into Pageant (see above for Pageant’s location). Pageant will stay in memory and automatically provide the loaded key to TortoiseHg and the Mercurial command-line tools.
  3. Share your client key with Kiln
    1. In PuTTYgen copy the text from “Public key for pasting…” box to the clipboard.
    2. In Kiln open the “SSH Keys” page from the top menu > SSH Keys. Note that SSH can be disabled by your Kiln administrator. In this case, the SSH Keys page and SSH repository URL links will not be available.
    3. Click “Add a New Key” and paste public key there, click Save Key.

But I use Git!

No worries! You can follow the same instructions, to generate your client key (Step 2 above), just choose Conversions > Export OpenSSH key when you save your private key. You’ll want to name this file id_rsa and put it in the .ssh folder in your home directory. For example, if your user is “kiln” on Windows 7, your private key would be C:\Users\kiln\.ssh\id_rsa.

Since Git uses OpenSSH, you won’t need to open Pageant to connect to your repositories over SSH. If you’re using Git exclusively you won’t need to worry about Pageant at all!

Mac and Unix Users

  1. Generate an SSH key. We recommend 2048 or 4096 bit keysTo do this, open a terminal and run ssh-keygen -t rsa and follow the instructions. Yes, this works with Git too!
  2. Share your SSH key with Kiln. Once you’ve successfully generated your key, you’ll need to share it with Kiln. Type cat ~/.ssh/id_rsa.pub, copy the result to your clipboard, and then, in Kiln, go to the top menu and click on your avatar. Note that SSH Keys is now an option. On that page, click Add a New Key and paste in the public key you copied above.

Fingerprint

If needed, the hostfingerprint for Kiln is b6:e6:7e:86:91:84:29:b6:14:9c:23:57:1a:1d:27:67

Disable IP Whitelists

IP whitelists are incompatible with SSH. Please make sure they’re disabled.

Switching protocols

If you want to start pushing and pulling a repository you cloned with https using ssh, just edit the file hgrc inside the .hg folder in the repo on your machine. Change the URL there to the new URL from the repo page in Kiln. For example:

[paths]default= https://myaccount.kilnhg.com/Code/Widget/Group/myrepo

changes to:

[paths]default= ssh://myusername@myaccount.kilnhg.com/Code/Widget/Group/myrepo

That’s it!

You should now be fully configured for SSH.