How to create ssh key github

About SSH

Using the SSH protocol, you can connect and authenticate to remote servers and services. With SSH keys, you can connect to GitHub without supplying your username and personal access token at each visit.

You can access and write data in repositories on GitHub.com using SSH (Secure Shell Protocol). When you connect via SSH, you authenticate using a private key file on your local machine. For more information about SSH, see Secure Shell on Wikipedia.

When you set up SSH, you will need to generate a new private SSH key and add it to the SSH agent. You must also add the public SSH key to your account on GitHub before you use the key to authenticate. For more information, see «Generating a new SSH key and adding it to the ssh-agent» and «Adding a new SSH key to your GitHub account.»

You can further secure your SSH key by using a hardware security key, which requires the physical hardware security key to be attached to your computer when the key pair is used to authenticate with SSH. You can also secure your SSH key by adding your key to the ssh-agent and using a passphrase. For more information, see «Working with SSH key passphrases.»

To use your SSH key with a repository owned by an organization that uses SAML single sign-on, you must authorize the key. For more information, see «Authorizing an SSH key for use with SAML single sign-on» in the GitHub Enterprise Cloud documentation.

To maintain account security, you can regularly review your SSH keys list and revoke any keys that are invalid or have been compromised. For more information, see «Reviewing your SSH keys.»

If you haven’t used your SSH key for a year, then GitHub will automatically delete your inactive SSH key as a security precaution. For more information, see «Deleted or missing SSH keys.»

Organizations that use GitHub Enterprise Cloud can provide SSH certificates, which members can use to access that organization’s repositories without adding the certificate to their account on GitHub. If you’re using an SSH certificate, you cannot use the certificate to access forks of the organization’s repositories, if the fork is owned by your personal account. For more information, see «About SSH certificate authorities» in the GitHub Enterprise Cloud documentation.

How to Generate SSH Keys for GitHub

Git and GitHub are essential tools for every developer. They’re widely used in almost every kind of software development project.

There are other Git hosting services like Gitlab and Bitbucket, but GitHub is the most popular choice for developers. You can even edit your profile to seem more attractive to recruiters.

You can use Git and GitHub to organize your projects, collaborate with other developers, and — of course — at Kinsta.

But because Git and GitHub are related yet different tools, you need to update your workflow with each of them constantly.

We recommend using SSH keys for each one of your machines. So, in this tutorial, you’ll learn what they are, some of their advantages, and how to generate and configure GitHub SSH keys.

Let’s get started!

What Are SSH Keys?

Simply put, SSH keys are credentials used for the SSH (Secure Shell) protocol to enable secure access to remote computers over the internet. Usually, that authentication occurs in a command-line environment.

Kinsta spoiled me so bad that I demand that level of service from every provider now. We also try to be at that level with our SaaS tool support.

Suganthan Mohanadasan from @Suganthanmn

This protocol is based on client-server architecture, which means you as the user (or “client”) need to use special software, called an SSH client, to log into a remote server and execute commands. This is basically what you’re doing when authenticating via a terminal to GitHub.

But SSH is not only used for GitHub. It’s broadly used by other platforms like Kinsta, Google Cloud, and Amazon Web services to create a secure channel to access their services.

Now, heading into how SSH keys really work, you need to understand the differences between public and private keys.

Public vs Private Keys

Let’s start with the basics.

The SSH protocol uses a technique of cryptography called asymmetric encryption. This term may sound complicated and weird, but nothing could be further from the truth.

Basically, asymmetric encryption is a system that uses a pair of keys, namely public and private keys.

As you may guess, the public key can be shared with anyone. Its main purpose is to encrypt data, converting the message into secret code or ciphertext. This key is usually sent to other systems — for example, servers — to encrypt the data before sending it over the internet.

On the other hand, the private key is the one that you must keep to yourself. It’s used to decrypt the encrypted data with your public key. Without it, it’s impossible to decode your encrypted information.

This method allows you and the server to keep a safe communication channel for transmitting the information.

Here’s what happens in the background when you connect to a server via SSH:

It’s important to keep your private keys safe and share them with anyone under no circumstances. They’re literally the key to all the information sent to you.

Using SSH Keys With GitHub

Since August 13, 2021, Github no longer accepts password authentication for command-line access. This means now you need to authenticate via a personal access token or use an SSH key (a little bit more convenient).

Here’s what happens when you try to authenticate with your GitHub password over HTTP in a terminal:

GitHub needs your public key to authorize you to edit any of your repos via SSH.

Let’s see how you can generate SSH keys locally.

How to Generate SSH Keys Locally

Now that you understand a little bit about the SSH protocol and the differences between public and private keys, it’s time to set up the secure SSH channel between your machine and your GitHub repos.

Before we move forward, you should already have a GitHub account, and a terminal/command prompt with Git installed in your system. If you’re running Windows, make sure you installed Git bash, which has all the tools you’ll need to follow along with this tutorial built-in.

The OpenSSH client is the most popular open-source software used to connect via SSH. You won’t need to worry about your operating system because it’s installed by default on Linux, macOS, and Windows 10.

You need to fire up a command prompt on Windows or a terminal on Unix-based systems to generate local SSH keys. Usually, you can do this by searching for “terminal”, “cmd”, or “powershell” in your application panel, then clicking the icon that shows up.

Terminal application search.

If you use Linux, most distros have the shortcut Ctrl + Alt + T to open up a terminal.

After doing this, you should have a window similar to the following image.

Terminal application.

Run the following command to generate a local SSH pair of keys:

It’s time to tell you a secret: No one can really remember this command! Most developers have to Google it every time because:

However, it’s important to understand each command that we introduce into our terminals, so let’s see what each part of this one means.

After you’ve typed the command into your terminal, you’ll have to enter the file to which you would like to save the keys. By default, it’s located in your home directory, in a hidden folder named “.ssh”, but you can change it to whatever you like.

Then you’ll be asked for a passphrase to add to your key pair. This adds an extra layer of security if, at any time, your device is compromised. It is not obligatory to add a passphrase, but it’s always recommended.

This is what the whole process looks like:

ssh-keygen command.

As you can see, this command generates two files in the directory you selected (commonly

We’ll show you how to add the public key to your GitHub account later.

Add SSH Key to ssh-agent

The ssh-agent program runs in the background, holds your private keys and passphrases safely, and keeps them ready to use by ssh. It’s a great utility that saves you from typing your passphrase every time you want to connect to a server.

Because of this, you’re going to add your new private key to this agent. Here’s how:

If you get a message similar to this if everything is fine. It means the ssh-agent is running under a particular process id (PID).

Replace kinsta_keys with the name of your SSH key. If this is the first key you’ve created, it should be named “id_algorithm_used,” for instance, id_ed25519.

Add SSH Key to GitHub Account

The final step is to add your public key to your GitHub account. Just follow these instructions:

GitHub settings.

SSH and GPG keys.

New SSH key button.

Add a new SSH key form.

Test SSH Connection With a Repo Push

It’s time to test everything you’ve done so far. You’re going to change, commit, and push to one of your existing repos using SSH to ensure your connection is set up correctly.

For our example, we will modify the simple HTML site we created in our Git for Web Development tutorial.

First, we’ll need to clone the repository into our local machine. We can go to the repo page on GitHub and copy the SSH address it provides.

SSH clone command.

Then, clone the repo using a terminal:

Now, let’s add a simple

tag in the index.html file:

The simple HTML site.

We’re not touching any JavaScript or CSS to keep this edit simple. But if you’re skilled with JavaScript, you might find a place at Kinsta. Check the coding skills you need to be part of the Kinsta team.

After doing this, commit the changes:

And push them into GitHub just as you’d normally do.

If everything went fine, congratulations! You just set up an SSH connection between your machine and GitHub.

Manage Multiple SSH Keys for Different GitHub Accounts

If you have multiple GitHub accounts — let’s say one for your personal projects and one for your work — it’s difficult to use SSH for both of them. You would normally need separate machines to authenticate to different GitHub accounts.

But this can be solved easily by configuring the SSH config file.

Let’s get into it.

Now, every time you need to authenticate via SSH using your work or secondary account, you tweak a bit the repo SSH address, from:

Summary

Congratulations — you’ve learned most of the practical knowledge you need to connect to GitHub via SSH!

This tutorial discussed the need for the SSH protocol, the differences between public and private keys, how to generate keys, add them to GitHub, and even manage multiple SSH keys for different GitHub accounts. Keep in mind that unless you want to lose access to everything, your private key needs to stay that way: private.

With this knowledge, now you’re ready to develop a flawless workflow with Git and GitHub. Keep coding!

Save time, costs and maximize site performance with:

All of that and much more, in one plan with no long-term contracts, assisted migrations, and a 30-day-money-back-guarantee. Check out our plans or talk to sales to find the plan that’s right for you.

SSH Keys for GitHub

Objectives

Why Use an SSH Key?

When working with a GitHub repository, you’ll often need to identify yourself to GitHub using your username and password. An SSH key is an alternate way to identify yourself that doesn’t require you to enter you username and password every time.

SSH keys come in pairs, a public key that gets shared with services like GitHub, and a private key that is stored only on your computer. If the keys match, you’re granted access.

The cryptography behind SSH keys ensures that no one can reverse engineer your private key from the public one.

Generating an SSH key pair

The first step in using SSH authorization with GitHub is to generate your own key pair.

When asked where to save the new key, hit enter to accept the default location.

You will then be asked to provide an optional passphrase. This can be used to make your key even more secure, but for this lesson you can skip it by hitting enter twice.

When the key generation is complete, you should see the following confirmation:

The random art image is an alternate way to match keys but we won’t be needing this.

Add your public key to GitHub

We now need to tell GitHub about your public key. Display the contents of your new public key file with cat :

The output should look something like this:

Copy the contents of the output to your clipboard.

Login to github.com and bring up your account settings by clicking the tools icon.

Select SSH Keys from the side menu, then click the Add SSH key button.

Name your key something whatever you like, and paste the contents of your clipboard into the Key text box.

Finally, hit Add key to save. Enter your github password if prompted.

####Using Your SSH Key

Going forward, you can use the SSH clone URL when copying a repo to your local machine.

This will allow you to bypass entering your username and password for future GitHub commands.

Setting up SSH key with GitHub for Ubuntu

SSH stands for Secure Shell. SSH is a way to securely communicate with a remote computer. SSH is used for executing commands remotely by interacting with another system’s operating shell.

Using SSH, you can connect with GitHub without supplying your username and personal access token in each visit.

Step 1: Generating a new SSH key

Open your terminal and use the following line to create a new SSH key.

Press Enter to save the key in the default location.

Step 2: Enter the passphrase

Step 3: Adding your SSH key to ssh-agent

We can add our key using the following line

Step 4: Add your key to GitHub

In order to get our key, use the following command

Then copy the content (starting from ssh-rsa ). Now open your GitHub account and do the following steps :

You have successfully added a new SSH key to your GitHub account. Hope you found it useful.

Managing deploy keys

In this article

Learn different ways to manage SSH keys on your servers when you automate deployment scripts and which way is best for you.

You can manage SSH keys on your servers when automating deployment scripts using SSH agent forwarding, HTTPS with OAuth tokens, deploy keys, or machine users.

SSH agent forwarding

In many cases, especially in the beginning of a project, SSH agent forwarding is the quickest and simplest method to use. Agent forwarding uses the same SSH keys that your local development computer uses.

HTTPS cloning with OAuth tokens

If you don’t want to use SSH keys, you can use HTTPS with OAuth tokens.

You can launch projects from a repository on GitHub.com to your server by using a deploy key, which is an SSH key that grants access to a single repository. GitHub attaches the public part of the key directly to your repository instead of a personal account, and the private part of the key remains on your server. For more information, see «Delivering deployments.»

Deploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see «Repository roles for an organization» and «Permission levels for a personal account repository.»

Using multiple repositories on one server

If you use multiple repositories on one server, you will need to generate a dedicated key pair for each one. You can’t reuse a deploy key for multiple repositories.

In the server’s SSH configuration file (usually

/.ssh/config ), add an alias entry for each repository. For example:

You can then use the hostname’s alias to interact with the repository using SSH, which will use the unique deploy key assigned to that alias. For example:

If your server needs to access repositories across one or more organizations, you can use a GitHub App to define the access you need, and then generate tightly-scoped, server-to-server tokens from that GitHub App. The server-to-server tokens can be scoped to single or multiple repositories, and can have fine-grained permissions. For example, you can generate a token with read-only access to a repository’s contents.

Since GitHub Apps are a first class actor on GitHub, the server-to-server tokens are decoupled from any GitHub user, which makes them comparable to «service tokens». Additionally, server-to-server tokens have dedicated rate limits that scale with the size of the organizations that they act upon. For more information, see Rate limits for GitHub Apps.

If your server needs to access multiple repositories, you can create a new account on GitHub.com and attach an SSH key that will be used exclusively for automation. Since this account on GitHub.com won’t be used by a human, it’s called a machine user. You can add the machine user as a collaborator on a personal repository (granting read and write access), as an outside collaborator on an organization repository (granting read, write, or admin access), or to a team with access to the repositories it needs to automate (granting the permissions of the team).

Tip: Our terms of service state:

Accounts registered by «bots» or other automated methods are not permitted.

This means that you cannot automate the creation of accounts. But if you want to create a single machine user for automating tasks such as deploy scripts in your project or organization, that is totally cool.