When working with a GitHub repository, you'll often need to identify yourself to GitHub by using your username and password. Do you know you don’t require entering your username and password every time and being safe? How can you work with the GitHub repository more securely and faster? An SSH key is an alternate way to identify yourself that doesn't require you to enter your username and password every time. Authentication with SSH keys can be a little more complex, but it helps increase security.
In this article, I will show you what an SSH Key is. And how you can generate it for your GitHub account.
What is SSH Key, and how does it work?
SSH keys come in pairs, a public key that gets shared with services like GitHub and a private key that is stored only on your computer.
Here’s the quick on how SSH keys work for authentication:
When you attempt to log in, the server will check for the public key and then generate a random string and encrypt it using this public key. This encrypted message can only be decrypted with the associated private key.
The server will send this encrypted message to your computer. Upon receipt of the notice, your computer will decrypt it using the private key and send this message back to the server. If everything matches up, you’re good to go.
You can access and write data in repositories on GitHub.com using SSH (Secure Shell Protocol). When you connect via SSH, you authenticate using a private key file on your local machine. When you set up SSH, you need to generate a new private SSH key and add it to the SSH agent. You must also add the public SSH key to your account on GitHub before you use the key to authenticate or sign commits.
Generating an SSH Key
Before generating a new SSH Key, you should check your local machine for the existing keys.
- Open your terminal
cd ~/.ssh(if you don’t have .ssh means that you don’t have SSH Key)
ls(to see the list of the files in the .ssh directory)
If you see one of the following files:
This means that you have a public SSH Key.
Step 1- Open your terminal and paste the text below, substituting in your GitHub email address.
ssh-keygen -t ed25519 -C "firstname.lastname@example.org"
Note: If the command fails and you receive the error invalid format or feature not supported, you may be using a hardware security key that does not support the Ed25519 algorithm.
Enter the following command instead:
ssh-keygen -t ecdsa-sk -C "email@example.com"
Step 2- When you see “ Enter a file in which to save the key (/Users/you/.ssh/id_ed25519_sk): ” press enter to accept the default file location.
Step 3- When you see “Enter passphrase (empty for no passphrase):” enter a passphrase, and you should see another message “ enter the same passphrase again: “ enter the passphrase again.
Congratulation, now you have an SSH Key.
Adding a new SSH Key to the GitHub account
Before adding a new SSH key to your account on GitHub.com, add your new SSH Key to your machine's SSH agent (The ssh-agent is a helper program that keeps track of users’ identity keys and their passphrases. The agent can then use the keys to log into other servers without having the user type in a password or passphrase again. This implements a form of single sign-on (SSO)).
Follow the steps below:
Step 1- Start the ssh-agent in the background with this command
eval "$(ssh-agent -s)"
Note : Depending on your environment, you may need to use a different command. For example, you may need to use root access by running
sudo -s -H before starting the ssh-agent, or you may need to use
exec ssh-agent bash or
exec ssh-agent zsh to run the ssh-agent.
Step 2- If you're using macOS Sierra 10.12.2 or later,
First, check to see your ~/.ssh/config file exists in the default location with this command
If the file doesn't exist, create the file with this command
- Open your
~/.ssh/configfile, then modify the file to contain the following lines. If your SSH key file has a different name or path than the example code, modify the filename or path to match your current setup.
Host * AddKeysToAgent yes UseKeychain yes IdentityFile ~/.ssh/id_ed25519
Step 3- Add your SSH private key to the ssh-agent and store your passphrase in the keychain. If you created your key with a different name, or if you are adding an existing key that has a different name, replace id_ed25519 in the command with the name of your private key file like this :
ssh-add -K ~/.ssh/id_ed25519
After that for adding SSH Key to your account follow the steps below:
- Open your terminal and type
- In the .ssh folder, find a file with the extension “pub” and open it with text or note.
- Copy the contents of the file.
- In the upper-right corner of any page, click your profile photo, then click Settings.
- In the "Access" section of the sidebar, click SSH and GPG keys.
- Click New SSH key or Add SSH key.
- In the "Title" field, add a descriptive label for the new key. For example, if you're using a personal laptop, you might call this key "Personal laptop”.
- Select the type of key( authentication ).
- Paste your key into the "Key" field. And click Add SSH key.
- If prompted, confirm access to your account on GitHub.
Once more notice that Using the key is more secure than using a password. No repetitive authentication is required as with HTTPS. For every action that you perform, SSH removes the burden of authenticating on your remote server for every action (clone/push/pull) in git. So use it and enjoy your sense of security.