Git : Setting up ssh keys

SSH keys are a way to identify trusted computers, without involving passwords. This is a public/private pair combination that will allow you to dynamically work with the remote site without having to log in every time.

First, we need to check for existing SSH keys on your computer. Open Git Bash and enter:

git_ssh1

Right now I dont have any ssh keys generated in my system, hence no such directory. Lets generate a new ssh key by following command

$ssh-keygen -t rsa -C <your email address>

The default file it stores is id_rsa inside .ssh folder in your user home. I am providing a filename so that later i could connect multiple accounts with different email address from the same system. (Note : in some cases you may have to create .ssh folder in your user home manually, and since windows wont allow you to create a folder starting with . you can use mkdir command from command line). Next, it asks us for a passphrase and this is useful if we want to make it a little bit more secure on our computer. Without this, somebody could easily connect to our remote repository from our computer. If we’re not particularly worried about anybody accessing our computer, then we don’t have to worry about this.

After you enter a passphrase, you’ll be given the fingerprint, or id, of your SSH key. I have ommited that part in the following screenshot.

git_ssh2

Lets configure our GitHub account to use our SSH key. Open your .ssh folder. There will be 2 files created by the previous command. The .pub file is your public file whose content needs to be added in your github accout. Open it and copy it in your clipboard. Login into your github account and add the ssh key there.

git_ssh3

Next step is to Add your key to the ssh-agent. First you have to turn on yor ssh-agent and then add your ssh file. The first step command may change according to your OS. I am using windows 8.1 and git bash.

git_ssh4

Now we have to change our remote url from https to ssh one. Follow the follwing step tp add the new one.

git_ssh5

Notice that at the end it ask to verify the fingerprint.

Lets do a push without entering any credentials. I have added a new file – file2 in the current repo and commited it. Lets push it to the remote.

git_ssh6

Notice that we didnt have to put any credentials this time.

If you have ever installed TortoiseGit on the computer you’re setting up your keys on, you may encounter problems. TortiseGit creates an environment variable that configures Plink as your SSH keystore, which may conflict when you try to use Git and SSH. No matter how you change your config or uninstall TortoiseGit, that environment variable persists and until you delete it, Git will not look to your regular .ssh directory to find the proper key.

Now, suppose you have to setup 2 ssh profiles, one for personal and one for work or more, you need to create a config file in your .ssh folder. Follow the previous step to create a new ssh key for your new emial id and add it to your ssh-agent. Your config file may look lke following


# Default GitHub
Host github.com
    HostName github.com
    PreferredAuthentications publickey
    IdentityFile ~/.ssh/id_rsa

# Work GitHub
Host work.github.com
    HostName github.com
    PreferredAuthentications publickey
    IdentityFile ~/.ssh/id_rsa_work

 

You may or may not have to do this. To check, list identity fingerprints by running:


$ ssh-add -l

You can delete all cached keys before, an dthen again add your keys one by one


$ssh-add -D

To test you’ve done this all correctly, I suggest the following quick check:


$ssh -T git@github.com
Hi <>! You've successfully authenticated, but GitHub does not provide shell access.


$ssh -T git@work.github.com
Hi <>! You've successfully authenticated, but GitHub does not provide shell access.

Now to add a new origin you can do somwthing like following


$git remote add myorigin git@work.github.com:<path of your repo>

and then for pushing

$git push myorigin master

Advertisements

2 Comments (+add yours?)

  1. Parag
    Oct 21, 2015 @ 13:09:52

    Good Job DJ :).

    Reply

  2. Robert Ningombam
    Jun 06, 2017 @ 12:13:47

    Cool!

    Reply

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: