To use SSH keys for private github repos, you will first need to generate a public/private key pair using ssh-keygen
ssh-keygen -t rsa
When prompted for a passphrase, it’s up to you whether you want a passphrase associated with your key or not, but you “can” leave it blank. The primary/initial security is in how well you protect the private key file, but you can provide additional security by using a passphrase (in case somebody obtains access to the key file that should not have it).
ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/home/cj/.ssh/id_rsa): ~/sasquatch.key Enter passphrase (empty for no passphrase): Enter same passphrase again: Saving key "~/sasquatch.key" failed: No such file or directory [cj@ip-172-26-6-245 ~]$ ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/home/cj/.ssh/id_rsa): sasquatch.key Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in sasquatch.key. Your public key has been saved in sasquatch.key.pub. The key fingerprint is: SHA256:BscMOnLqelKPSOjwt5doWAqzBO01nj12e89EnEYCHDM email@example.com The key's randomart image is: +---[RSA 2048]----+ | ..E. | | . +.+ | | .. + . + . . | |. .+o. o + . | |o..o + S = | |=+o + +.. o | |=B.* o + . . | |+o* = o . .o | |.o o.o . .o | +----[SHA256]-----+
This creates two files – e.g., sasquatch.key and sasquatch.key.pub. The file sasquatch.key contains your private key (you hang on to this one and protect it). The file sasquatch.key.pub contains your public key (we’ll use its contents on github.com).
Next, log into github.com and go to https://github.com/settings/keys.
Click the “Add new SSH” key, give your key a title, and enter the contents of your PUBLIC key (e.g., sasquatch.key.pub) to the key section. Finally, click the “Add SSH key button”. The content of your public key file file will look something like this:
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDcblfKCwv/l3hsLW5km9av4jWWJEj0Ep8/SN7Y0vCPTAmqd+U09Zoabcdef1zeTHyGKlLJ7rmqrlR3Ygh30DiabcdefA0nTxg+lg4dmwcjIzSox/EAxEzxMllgtdDO5i+YfgNmqjT4BdMFe4lpabcdef+XQ9x1iwYBkRntrMXQOOLgq/AjL3nW6KIt7yBO0V4IzIsbc9J263273araQp4pwvsVcUWyabcdefCzxFLM4recb3CeKBxFN6so8avbw4v5VpDh48fdVfIl0i/abcdefsRUddYglWxbSJJ/aHhabcdefRsaTP2AKi1b0+cQJidH0sV/VpabcdefjTIQ3x user@host
On your local computer, add the following to your ~/.ssh/config file:
Host github.com User git Hostname github.com PreferredAuthentications publickey IdentityFile ~/sasquatch.key
Next, make sure your private key and SSH config file are read-only.
chmod 400 ~/.ssh/config ~/sasquatch.key
To clone YourRepo, use the github.com clone SSH option to find the appropriate repo string. Your git clone command will look something like this:
git clone firstname.lastname@example.org:YOUR_USER_NAME/YOUR_REPO.git