This is a guide to add a SSH key to your Github account.
A good guide is done by Antonio Medeiros here and here.
Existing SSH Keys
First, check and see what are the current SSH keys. This can be done with
$ ls -lah ~/.ssh
total 28K
drwx------ 2 nickshu nickshu 4.0K Dec 21 00:45 .
drwx------ 45 nickshu nickshu 4.0K Jan 13 15:00 ..
-rw------- 1 nickshu nickshu 4.2K Dec 29 21:14 known_hosts
-rw------- 1 nickshu nickshu 3.5K Dec 21 00:39 known_hosts.old
Generate a new SSH Key
Next, you need to generate a new key. If you check the man ssh-keygen
, you’ll see that the -t
tag has 6 different types of keys you can choose from.
- DSA
- EcDSA
- EcDSA-SK
- Ed25519
- Ed25519-SK
- RSA
For more information on some of these types, you may visit https://goteleport.com/blog/comparing-ssh-keys/
$ ssh-keygen -t ed25519 -C "[email protected]"
Generating public/private ed25519 key pair.
Enter file in which to save the key (/home/username/.ssh/id_ed25519):
Here you may either enter a specific path for your key pair, or you may use the default location. Finally, you will be prompted to enter a password. By not adding a password, it will allow your authentication to Github to not require a password
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
This will create a key pair: a private and a public key on your desired location. The public key will have the extension .pub
, whereas the private key will not have an extension. Do not share your private key.
Add the Key to Github
On Github, go to your Settings
> SSH and GPG keys
, where you will see a list of your SSH keys.
Press on New SSH key
and copy and paste your SSH public key (e.g. /home/username/.ssh/mykey.pub).
At this point, the key has been added to your Github account. Now you need to add it to the ssh-agent
.
Add your SSH Key to the ssh-agent
One-Time Use
Your SSH agent will help you so that you are not having to add your passphrase every time. First start the ssh-agent in the background.
$ eval "$(ssh-agent -s)"
Next, add the SSH private key to the ssh-agent.
$ ssh-add ~/.ssh/path/to/ssh/private/key
Permanent Use
So, the easiest way to do so is to force the keys to be always kept. This can be done by adding to the ~/.ssh/config
file. If your file does not exist, then simply create it and add the private keys
IdentityFile ~/.ssh/github_priv_key
IdentityFile ~/.ssh/server_priv_key
And then change the permissions to 600
$ cd ~/.ssh
$ ls -la
...
-rw-r--r-- 1 nickshu nickshu 58 Jan 13 16:01 config
...
$ chmod 600 ~/.ssh/config
$ ls -la
...
-rw------- 1 nickshu nickshu 58 Jan 13 16:01 config
...
Alternatively, if you’d like to map a specific key to a specific host, you may use the following:
Host github.com
User git
IdentityFile ~/.ssh/github_priv_key
Finally, from this point on, you won’t have to add the SSH key to the SSH agent every time. A more thorough answer can be found here
Test your SSH connection
$ ssh -T [email protected]
Hi username! You've successfully authenticated, but GitHub does not provide shell access.
Using your SSH Keys to Verify Commits
You can also verify your commits via yoru SSH key. To do so, you will need to run the following commands:
git config --global gpg.format ssh
git config --global user.signingkey /home/user/.ssh/mykey.pub
This will yield your ~/.gitconfig
file to be:
[user]
email = [email protected]
name = Nick Shu
signingkey = /home/user/.ssh/mykey.pub
[gpg]
format = ssh
Then, on Github’s Settings page, make sure you add another SSH key, and instead of an “Authentication Key”, you set it as “Signing Key” and then you add the same key. From now on, if you wish to do a verified commit, then you should commit it with the -S
flag.
git commit -S -m "my message"