Using SSH keys for private github repos

To use SSH keys for private github repos, you will first need to generate a public/private key pair using ssh-keygen

ssh-keygen -t rsa

When prompted for a passphrase, it’s up to you whether you want a passphrase associated with your key or not, but you “can” leave it blank. The primary/initial security is in how well you protect the private key file, but you can provide additional security by using a passphrase (in case somebody obtains access to the key file that should not have it).

Example output:

ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/cj/.ssh/id_rsa): ~/sasquatch.key
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Saving key "~/sasquatch.key" failed: No such file or directory
[cj@ip-172-26-6-245 ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/cj/.ssh/id_rsa): sasquatch.key
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in sasquatch.key.
Your public key has been saved in sasquatch.key.pub.
The key fingerprint is:
SHA256:BscMOnLqelKPSOjwt5doWAqzBO01nj12e89EnEYCHDM cj@ip-172-26-6-245.us-west-2.compute.internal
The key's randomart image is:
+---[RSA 2048]----+
|      ..E.       |
|     . +.+       |
| .. + . + . .    |
|. .+o. o   + .   |
|o..o +  S   =    |
|=+o + +..  o     |
|=B.* o + .  .    |
|+o* = o . .o     |
|.o o.o   . .o    |
+----[SHA256]-----+

This creates two files – e.g., sasquatch.key and sasquatch.key.pub. The file sasquatch.key contains your private key (you hang on to this one and protect it). The file sasquatch.key.pub contains your public key (we’ll use its contents on github.com).

Next, log into github.com and go to https://github.com/settings/keys.

Click the “Add new SSH” key, give your key a title, and enter the contents of your PUBLIC key (e.g., sasquatch.key.pub) to the key section. Finally, click the “Add SSH key button”. The content of your public key file file will look something like this:

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDcblfKCwv/l3hsLW5km9av4jWWJEj0Ep8/SN7Y0vCPTAmqd+U09Zoabcdef1zeTHyGKlLJ7rmqrlR3Ygh30DiabcdefA0nTxg+lg4dmwcjIzSox/EAxEzxMllgtdDO5i+YfgNmqjT4BdMFe4lpabcdef+XQ9x1iwYBkRntrMXQOOLgq/AjL3nW6KIt7yBO0V4IzIsbc9J263273araQp4pwvsVcUWyabcdefCzxFLM4recb3CeKBxFN6so8avbw4v5VpDh48fdVfIl0i/abcdefsRUddYglWxbSJJ/aHhabcdefRsaTP2AKi1b0+cQJidH0sV/VpabcdefjTIQ3x user@host 

On your local computer, add the following to your ~/.ssh/config file:

Host github.com
  User git
  Hostname github.com
  PreferredAuthentications publickey
  IdentityFile ~/sasquatch.key

Next, make sure your private key and SSH config file are read-only.

chmod 400 ~/.ssh/config ~/sasquatch.key

To clone YourRepo, use the github.com clone SSH option to find the appropriate repo string. Your git clone command will look something like this:

git clone git@github.com:YOUR_USER_NAME/YOUR_REPO.git 

Leave a Comment