In previous post we discussed regarding an issues with Github's SAML SSO Login which stops developers from accessing github repositories using username and password from git command line client. Also even if authentication is working correctly, we always need to provide username and password during git operations which is not convenient while writing programmable scripts. In this tutorial we will setup SSH keys in github account and eliminate manual input of username and password completely.
Steps
Generate SSH Keys for Github
Windows
If you are running winnows then you should use git bash client to generate ssh keys for pairing with github account. We assume that you have installed github client for windows and have access to git bash shell.
- Create directory to hold ssh keys that will be generated during following steps. Directory location can be anything of your choice. We will create directory with name
sshat locationC:\Users\techmonger\sshto hold ssh keys. - Open
git-bashand generate ssh keys inside above directory usingssh-keygen.$ ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/c/Users/techmonger/.ssh/id_rsa): C:\\Users\\techmonger\\ssh\\id_rsa_github Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in C:\\Users\\techmonger\\ssh\\id_rsa_github Your public key has been saved in C:\\Users\\techmonger\\ssh\\id_rsa_github.pubYou can keep the passphrase empty during key creation.
Above will generate two key files, id_rsa_github will be private key and id_rsa_github.pub will be public key.
Once ssh keys are generated as above, head towards configuring keys.
Linux / Mac
If you are running github client on the unix like operating system then you can generate ssh keys inside your home directory. We will generate ssh keys inside /home/techmonger/.ssh
Note that generating new key inside /home/techmonger/.ssh will override existing ssh keys. To avoid this issue create new ssh key specifically for the github (id_rsa_github.pub) or use existing ssh key.
$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/techmonger/.ssh/id_rsa):
/home/techmonger/.ssh/id_rsa_github
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/techmonger/.ssh/id_rsa_github.
Your public key has been saved in /home/techmonger/.ssh/id_rsa_github.pub.You can keep the passphrase empty during key creation.
Configuring SSH Keys in Github Account
- Open generated
id_rsa_github.pubin text editor like notepad or vim and copy the public key content present inside it on the clipboard. - Open GitHub account in browser and move to Settings → SSH and GPG keys and click on Add SSH Key. Provide meaningful name for the key and add the public key content inside Key box.
Configure SSH Keys with Github Account - Once public key is added in github account, add private key at github command line client. Open github bash in Windows or command line terminal in Linux or Mac to add private ssh key (
id_rsa_github) like below.Windows
$ ssh-add C:\\Users\\techmonger\\ssh\\id_rsa_github Identity added: C:\\Users\\techmonger\\ssh\\id_rsa_githubLinux / Mac
$ ssh-add /home/techmonger/.ssh/id_rsa_github Identity added: /home/techmonger/.ssh/id_rsa_github - Check ssh connection by authenticating with following command.
$ ssh -T git@github.example.com Hi techmonger! You've successfully authenticated, but GitHub does not provide shell access.
Connect to remote repository using SSH.
Once ssh keys are correctly configured you can authenticate against github using ssh keys. For example to clone remote repository code locally you can use following command.
$ git clone git@github.example.com:techmonger/project-repo.gitConclusion
We have successfully configured and connected to gituhub using ssh keys. This eliminated need of providing username and password while making connection from github client. You can also configure personal access token and connect to repository without providing actual password.