GitHub/GitLab SSH key based authentication: Difference between revisions

This ar­ti­cle is based on the an­swer of mine un­der the ques­tion How do I set­up SSH key based au­then­ti­ca­tion for GitHub? at Ask Ubun­tu. Here is short man­u­al how to set­up SSH key based au­then­ti­ca­tion for GitHub/Git­Lab and how to use it. Note the process for the both Git providers GitHub and Git­Lab is iden­ti­cal.

The ex­am­ple be­low is giv­en for GitHub, if you want to do the same set­up for Git­Lab just re­place every oc­cur­rence of github with git­lab .

Set­up SSH key based au­then­ti­ca­tion for GitHub/​​​GitLab

1. In­stall the openssh-client if it is not al­ready in­stalled, and of course git:

sudo apt update && sudo apt install -y openssh-client git

2. Cre­ate user's SSH di­rec­to­ry and a sub di­rec­to­ry where your ded­i­cat­ed GitHub SSH key will be stored:

mkdir -p -m 700 ~/.ssh/github

• The op­tion -m 700 is equiv­a­lent to chmod 700 ~/.ssh ~/.ssh/github.

3. Gen­er­ate the SSH key (the out­put key will have oc­tal per­mis­sions 600):

ssh-keygen -t ed25519 -C 'your@email.com' -f ~/.ssh/github/id_ed25519 -q -N ''

• -q – si­lence ssh-key­gen; -N '' – emp­ty (with­out) passphrase, you can as­sign one if you want. If it is passphrase pro­tect­ed key, you can add -a 256 (de­fault is 16) to in­crease the se­cu­ri­ty of the passphrase by de­creas­ing its ver­i­fi­ca­tion.

4. Copy the con­tent of the file id_ed25519.pub, use the fol­low­ing com­mand to out­put it:

cat ~/.ssh/github/id_ed25519.pub

Figure 1. Set­up SSH key with­in GitHub.

5. Go to your GitHub ac­count and fol­low these steps:

• From the drop-down menu in up­per right cor­ner se­lect Set­tings.
• Then from the menu at the left side se­lect SSH and GPG keys.
• Click on the New SSH Key but­ton.
• Type some mean­ing­ful for a Ti­tle and paste the con­tent of ~/.ssh/github/id_ed25519.pub in the field Key.
• Then click on the Add SSH Key but­ton.

6. Cre­ate the ~/.ssh/con­fig file, if it doesn't al­ready ex­ist:

touch ~/.ssh/config 
chmod 600 ~/.ssh/config

Ed­it the con­fig file and add the fol­low­ing en­try for the new SSH key:

Host github.com 
    IdentityFile ~/.ssh/github/id_ed25519

7. Test the set­up. Use the fol­low­ing com­mand:

ssh -T git@github.com

On the ques­tion – Are you sure you want to con­tin­ue con­nect­ing (yes/​​​no)? – an­swer with yes. If every­thing went well you should re­ceive a greet­ing mes­sage like this:

Hi pa4080! You've successfully authenticated, ...

How to use Git with SSH key

1. If you have al­ready cloned repos­i­to­ry through HTTPS, by us­ing a com­mand as these:

git clone https://github.com/username/repository-name.git

git clone git://github.com/username/repository-name

Go in­side the repository's di­rec­to­ry and ex­e­cute the next com­mand to al­low work via SSH:

git remote set-url origin git@github.com:username/repository-name.git

2. Di­rect clone a repos­i­to­ry via SSH:

git clone git@github.com:username/repository-name.git

3. In ad­di­tion if you are us­ing VSC it will work with­out prob­lems with this set­up. For al­ready cloned repos­i­to­ries just use the Open Fold­er op­tion and all VSC Git fea­tures will work.

Ref­er­ences

• GitHub De­vel­op­ius' Gist: Set­up SSH keys for use with GitHub/​​​GitLab/​​​BitBucket etc
• In­for­ma­tion Se­cu­ri­ty: SSH Key: Ed25519 vs RSA
• In­for­ma­tion Se­cu­ri­ty: Is it bad that my ed25519 key is so short com­pared to a RSA key?
• Risan Bag­ja: Up­grade Your SSH Key to Ed25519
• Crypt­sus Blog: How to se­cure your SSH serv­er with pub­lic key Ed25519 El­lip­tic Curve Cryp­tog­ra­phy
• For AWS: Set­up steps for SSH con­nec­tions to AWS Code­Com­mit repos­i­to­ries on Lin­ux, ma­cOS, or Unix