Git and GitHub are essential tools for every developer. They are widely used in almost all types of software development projects.
There are other Git hosting services like Gitlab and Bitbucket, but GitHub is the most popular choice for developers. You can even edit your profile to make it look more appealing to recruiters.
You can use Git and GitHub to
organize your projects, collaborate with other developers, and of course, in Kinsta
.
But because Git and GitHub are related but different tools, you need to update your workflow with each of them constantly.
Pro tip: Use SSH keys for each of your machines… and use this guide to get started 🔑😄. So, in this tutorial, you’ll learn what they are, some of their advantages, and how to generate and configure GitHub SSH keys. Click To Tweet
We recommend using SSH keys for each of your machines. So, in this tutorial, you’ll learn what they are, some of their advantages, and how to generate and configure GitHub SSH keys.
Start!
What are SSH keys?
Simply put, SSH keys are credentials used for the SSH (Secure Shell) protocol to allow secure access to remote computers over the Internet. Typically, that authentication occurs in a command-line environment.
This protocol is based on the client-server architecture, which means that you as a user (or “client”) need to use special software, called an SSH client, to log in to a remote server and execute commands. This is basically what you are doing when authenticating through a terminal to GitHub.
.
But SSH isn’t just used for GitHub. It is widely used by other platforms such as Kinsta, Google Cloud, and Amazon Web Services to create a secure channel to access their services.
Now, when addressing how SSH keys actually work, you need to understand the differences between public and private keys.
Public vs Private Keys
Let’s start with the basics
.
The SSH protocol uses a cryptography technique called asymmetric encryption. This term may sound complicated and strange, but nothing could be further from the truth.
Basically, asymmetric encryption is a system that uses a pair of keys, namely public and private keys.
As you can guess, the public key can be shared with anyone. Its main purpose is to encrypt data, converting the message into secret code or ciphertext. This key is usually sent to other systems, for example, servers, to encrypt the data before sending it over the Internet.
On the other hand, the private key is the one you should keep for yourself. It is used to decrypt the data encrypted with your public key. Without it, it is impossible to decode your encrypted information.
This method allows you and the server to maintain a secure communication channel to transmit the information.
Here’s what happens in the background when you connect to a server via SSH:
The client sends the public key to the server. The server prompts
- the client to sign a random message encrypted with the public key using the private key. The
- A secure connection is established between the client
- the server
client signs the message and forwards the result to the server.
and
. It is important to keep your private keys secure and share them with anyone under no circumstances.
They are literally the key to all the information sent to you.
Using SSH keys with GitHub
As of August 13, 2021, Github no longer supports password authentication for command-line access. This means you now need to authenticate via a personal access token or use an SSH key (a bit more convenient).
Here’s what happens when you try to authenticate with your GitHub password over HTTP on a terminal:
Username for ‘https://github.com’: yourusername Password for ‘https://[email protected]’: Remote: Support for password authentication was removed on August 13, 2021. Use a personal access token instead. Remote: See https://github.blog/2020-12-15-token-authentication-requirements-for-git-operations/ for more information. Fatal: Authentication error for ‘https://github.com/yourusername/repository.git/’
GitHub needs your public key to authorize you to edit any of your repositories via
SSH.
Let’s see how you can
generate SSH keys locally. How to generate SSH keys
locally
Now that you understand a bit about the SSH protocol and the differences between public and private keys, it’s time to set up the secure SSH channel between your machine
and your GitHub repositories.
Before you go any further, you should already have a GitHub account and a terminal/command prompt with Git installed on your system. If you’re running Windows, make sure you’ve installed Git bash, which has all the tools you’ll need to follow along with this built-in tutorial.
The OpenSSH client is the most popular open source software used to connect via SSH. You won’t have to worry about your operating system because it’s installed by default on Linux, macOS, and Windows 10.
You must start a command prompt on Windows or a terminal on Unix-based systems to generate local SSH keys. You can usually do this by searching for “terminal”, “cmd” or “powershell” in your application panel, then clicking on the icon that appears.
.
Information
If you use Linux, most distributions have the shortcut Ctrl + Alt + T to open a
terminal.
After doing this, you should have a window similar to the following image
.
Run the following command to generate a local SSH key pair
: ssh-keygen -t ed25519 -C “[email protected]”
It’s time to tell you a secret: No one can really remember this command! Most developers have to Google it every time because:
- It’s a really long command, with forgettable and seemingly random numbers
- We use it rarely, so it is not worth memorizing most of the time.
.
However, it
is important to understand each command we enter into our terminals, so let’s see what each part of it means
.
- ssh-keygen: The command-line tool used to create a new SSH key pair. You can view your flags with ssh-keygen help
- ed25519: The -t flag is used to indicate the algorithm used to create the digital signature of the key pair. If your system supports it, ed25519 is the best algorithm you can use to create SSH key pairs.
- -C “email”: The -c flag is used to provide a personalized comment at the end of the public key, which is usually the email or the identification of the creator of the key pair.
-t
After you have typed the command into your terminal, you will need to enter the file in which you want to save the keys. By default, it’s located in your home directory, in a hidden folder called “.ssh,” but you can change it to whatever you want.
You will then be asked for a passphrase to add to your key pair. This adds an extra layer of security if, at any time, your device is compromised. It is not mandatory to add a passphrase, but it is always recommended.
Here’s what the whole process looks like:
<img src="https://kinsta.com/wp-content/uploads/2022/01/open-terminal-1024×526.png" alt="ssh-keygen command with
.
As you can see, this command generates two files in the directory you selected (commonly ~/.ssh): the public key with the .pub extension and the private key without extension.
We’ll show you how to add the public key to your GitHub account later.
Add SSH key
to ssh-agent
The ssh-agent program runs in the background, keeps your private keys and passphrases secure, and keeps them ready to be used by ssh. It is a great utility that saves you from typing your passphrase every time you want to connect to a server.
Because of this, you are going to add your new private key to this agent. Here’s how:
Make sure ssh-agent is
- running in the background. eval ‘ssh-agent’ # Agent pid 334065
If you receive a message similar to this if everything is fine. It means that the ssh-agent is running under a particular process identifier (PID).
- (the one with no extension) to the ssh-agent. ssh-add ~/.ssh/kinsta_keys
Replace kinsta_keys with the name of your SSH key. If this is the first key you have created, it should be called “id_algorithm_used”, for example, id_ed25519.
Add your SSH private key
Add SSH
key to GitHub account
The final step is to add your public key to your GitHub account. Just follow these instructions:
- Copy your SSH public key to your clipboard. You can open the file where you are with a text editor and copy it, or use the terminal to display its contents. cat ~/.ssh/kinsta_keys.pub # ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJl3dIeudNqd0DPMRD6OIh65tjkxFNOtwGcWB2gCgPhk [email protected
- Log in to GitHub] and go to the top right section of the page, click on your profile picture, and select Settings. <img src="https://kinsta.com/wp-content/uploads/2022/01/terminal.png" alt="GitHub
- your configuration profile, click SSH and GPG keys.
- Click the New SSH Key button.
- Assign a title to your new SSH key on GitHub, usually the device from which you will use that key. And then paste the key into the Key area. <img src="https://kinsta.com/wp-content/uploads/2022/01/ssh-keygen-1024×540.png" alt="Add a new SSH key form
- Add your SSH key. <img src="https://kinsta.com/wp-content/uploads/2022/01/GitHub-settings.png" alt="Add SSH key button.
]
Then, in
Test SSH connection with a Repo Push
It’s time to try everything you’ve done so far. You will change, commit and push to one of your existing repositories using SSH to make sure your connection is configured correctly.
For our example, we’ll modify the simple HTML site we created in our Git for Web Development tutorial.
First, we will need to clone the repository on our local machine. We can go to the repository page on GitHub and copy the SSH address it provides.
Then, clone the repository using a terminal: git clone
[email protected]:D aniDiazTech/HTML-site.git
Now, let’s add a simple tag <h1> in the index.html file:
… <div class=”container my-2″> <h1 class=”text-center”>A new title!<h1> </div> <div class=”container my-3″> …
.
We’re not touching any JavaScript or CSS to keep this edit simple. But if you’re techny with JavaScript, you might find a place on Kinsta. Check the coding skills you need to be part of the Kinsta team.
After doing this, confirm the changes:
git commit -am “Added a simple title”
And push them into GitHub as you normally would. git
push
If all went well, congratulations! You have just set up an SSH connection between your machine and GitHub.
Manage multiple keys
SSH for different GitHub accounts
If you have multiple GitHub accounts, say one for your personal projects and one for your work, it’s difficult to use SSH for both. You would normally need separate machines to authenticate to different GitHub accounts.
But this can be easily solved by configuring the SSH configuration file.
Let’s get into it.
- Create another SSH key pair and add it to your other GitHub account. Note the name of the file to which you are assigning the new key. ssh-keygen -t ed25519 -C “[email protected]”
- Create the SSH configuration file. The configuration file tells the ssh program how it should behave. By default, the configuration file may not exist, so create it inside the .ssh/ folder: tap ~/.ssh/config
- Modify the SSH configuration file. Open the configuration file and paste the following code: #Your daily GitHub account Host github.com HostName github.com IdentityFile ~/.ssh/id_ed25519 IdentitiesOnly yes # Work account Host github-work Host github.comIdentityFile hostname ~/.ssh/work_key_file IdentitiesOnly yes
Now, whenever you need to authenticate via SSH using your work or secondary account, modify the SSH address of the repository a bit, From
: [email protected]:workaccount/project.git
… To
: [email protected]:workaccount/project.git Git and GitHub are essential tools for all developers and this guide will help you unlock a new addition: SSH keys 🔑Click To Tweet
Summary
Congratulations: you’ve learned most of the practical knowledge you need to connect to GitHub via
SSH!
This tutorial discussed the need for the SSH protocol, the differences between public and private keys, how to generate keys, add them to GitHub, and even manage multiple SSH keys for different GitHub accounts. Note that unless you want to lose access to everything, your private key should stay that way: private.
With this knowledge, you’re now ready to develop a flawless workflow with Git and GitHub. Keep coding!