In previous post we discussed regarding an issues with Github's SAML SSO Login which stops developers from accessing github repositories using username and password from git command line client. Also even if authentication is working correctly, we always need to provide username and password during git operations which is not convenient while writing programmable scripts. In this tutorial we will setup SSH keys in github account and eliminate manual input of username and password completely.
Steps
Before adding a new SSH key to your GitHub Enterprise account, you should have: Checked for existing SSH keys; Generated a new SSH key and added it to the ssh-agent; After adding a new SSH key to your GitHub Enterprise account, you can reconfigure any local repositories to use SSH. For more information, see 'Switching remote URLs from HTTPS to.
Generate SSH Keys for Github
Windows
If you are running winnows then you should use git bash client to generate ssh keys for pairing with github account. We assume that you have installed github client for windows and have access to git bash shell.
- Create directory to hold ssh keys that will be generated during following steps. Directory location can be anything of your choice. We will create directory with name
ssh
at locationC:Userstechmongerssh
to hold ssh keys. - Open
git-bash
and generate ssh keys inside above directory usingssh-keygen
.You can keep the passphrase empty during key creation.
Above will generate two key files,
id_rsa_github
will be private key and id_rsa_github.pub
will be public key. Mac Generate Ssh Key For Github Windows 10
Once ssh keys are generated as above, head towards configuring keys.
Linux / Mac
If you are running github client on the unix like operating system then you can generate ssh keys inside your home directory. We will generate ssh keys inside
/home/techmonger/.ssh
Note that generating new key inside /home/techmonger/.ssh will override existing ssh keys. To avoid this issue create new ssh key specifically for the github (
id_rsa_github.pub
) or use existing ssh key. You can keep the passphrase empty during key creation.
Mac Generate Ssh Key For Github Free
Configuring SSH Keys in Github Account
- Open generated
id_rsa_github.pub
in text editor like notepad or vim and copy the public key content present inside it on the clipboard. - Open GitHub account in browser and move to Settings → SSH and GPG keys and click on Add SSH Key. Provide meaningful name for the key and add the public key content inside Key box.
- Once public key is added in github account, add private key at github command line client. Open github bash in Windows or command line terminal in Linux or Mac to add private ssh key (
id_rsa_github
) like below.Windows
Linux / Mac
- Check ssh connection by authenticating with following command.
Connect to remote repository using SSH.
Once ssh keys are correctly configured you can authenticate against github using ssh keys. For example to clone remote repository code locally you can use following command.
Conclusion
We have successfully configured and connected to gituhub using ssh keys. This eliminated need of providing username and password while making connection from github client. You can also configure personal access token and connect to repository without providing actual password.
ssh-keygen.sh
#! /bin/bash |
# Use Examples |
# ./ssh-keygen Additional comments |
# ./ssh-keygen '(Work)' |
ROUNDS=100 |
ifhash networksetup 2>/dev/null;then |
# Mac only: Computer Name |
COMMENT='$(networksetup -getcomputername)$@' |
else |
COMMENT='$@' |
fi |
# remove leading and trailing spaces |
COMMENT='$(echo '$COMMENT'| sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')' |
echo'-----> Generating SSH Keys ($COMMENT)' |
if [ !-f~/.ssh/id_rsa ];then |
echo -e 'yn'|ssh-keygen -q -t rsa -b 4096 -o -a ${ROUNDS} -N '' -C '$COMMENT' -f ~/.ssh/id_rsa |
ssh-add ~/.ssh/id_rsa |
echo'~/.ssh/id_rsa' |
else |
echo'~/.ssh/id_rsa Skipped!' |
fi |
if [ !-f~/.ssh/id_ecdsa ];then |
echo -e 'yn'|ssh-keygen -q -t ecdsa -b 521 -o -a ${ROUNDS} -N '' -C '$COMMENT' -f ~/.ssh/id_ecdsa |
ssh-add ~/.ssh/id_ecdsa |
echo'~/.ssh/id_ecdsa' |
else |
echo'~/.ssh/id_ecdsa Skipped!' |
fi |
if [ !-f~/.ssh/id_ed25519 ];then |
echo -e 'yn'|ssh-keygen -q -t ed25519 -o -a ${ROUNDS} -N '' -C '$COMMENT' -f ~/.ssh/id_ed25519 |
ssh-add ~/.ssh/id_ed25519 |
echo'~/.ssh/id_ed25519' |
else |
echo'~/.ssh/id_ed25519 Skipped!' |
fi |
echo'-----> Generating Secure Enclave Key ($COMMENT)' |
ifhash sekey 2>/dev/null;then |
if [ !-f~/.ssh/id_ecdsa256.pub ];then |
sekey --generate-keypair '$COMMENT' |
keyline=$(sekey --list-keys | grep '$COMMENT') |
keyarr=($keyline) |
keyarrlen=${#keyarr[@]} |
key=${keyarr[((keyarrlen-2))]} |
echo$key |
sekey --export-key $key>~/.ssh/id_ecdsa256.pub |
echo'~/.ssh/id_ecdsa256.pub (Private key is stored in the Secure Enclave)' |
else |
echo'~/.ssh/id_ecdsa256 (Secure Enclave) Skipped!' |
fi |
else |
echo'SeKey not installed. (https://github.com/ntrippar/sekey)' |
echo'1. Ensure you have TouchId built-in to your Mac' |
echo'2. $ brew cask install sekey' |
fi |
echo'Done!' |
Sign up for freeto join this conversation on GitHub. Already have an account? Sign in to comment