Translation(s): English - Italiano

SSH access on (AKA

In many cases, you will have to login with SSH to (or one of its aliases like {svn,bzr,git,hg,darcs,arch}, either to update the website of your project or to access associated VCS repositories. This page contains all the infos that you must know concerning your SSH access.

How to handle differing username

In many cases, your login on Alioth is not the same as your usual login (for example because of the -guest suffix). To avoid hardcoding your username everywhere, you can put this in your ~/.ssh/config:

    User my-alioth-username

With this setup, you can do ssh instead of ssh It also avoids the need to hardcode your username in many VCS URLs.

Logging in for the first time

The first time that you login to a machine, your SSH client asks you to verify the fingerprint of the SSH public key of the Alioth host. If the fingerprint differs, you're not connecting to Alioth and you should immediately stop.

Alioth's SSH host keys can be found on

Installing SSH keys

Alioth does not allow password authentication via SSH. You need to authenticate with your own SSH public/private keys. Currently only RSA keys are allowed.

To generate an SSH key pair on your computer, you execute ssh-keygen -t rsa and type a pass-phrase to secure the private key. The public key will be stored in ~/.ssh/ and it's the content of that file that you'll have to paste in the Gforge form mentioned below.

Gforge stores the SSH keys in its database and automatically generates the file ~/.ssh/authorized_keys for you. Thus if you want to add your own SSH key, you have to use the dedicated web page:

Any manually created ~/.ssh/authorized_keys file will be automatically deleted every hour.

I'm unable to Connect via SSH, ...

... and I've only recently been added to a project

You will need to wait 24 hours - this is the current administrative turnover. You have to be a member of at least one project to be able to login via ssh.<my-username> shows the projects you are member of, if any.

... and I've only recently added my SSH public key to Alioth

You will need to wait upto an hour; the processing of your key is carried out by an hourly cron-job.

Example VCS URLs


Good practices of SSH usage

You must read this:

This document sums up many good practices that regular SSH users should follow in order to avoid compromising the security of their accounts (and of the whole machine at the same time).

Configure your ~/.ssh/config to send only the right key.

    User my-alioth-username
    IdentityFile ~/.ssh/id_alioth
    IdentitiesOnly yes

Of course, you should replace ~/.ssh/id_alioth by the filename of the private key whose public counterpart you registered in Alioth. Debian developers should use their standard Debian keys (to be configured via

External links