SSH Keys and Authentication

Introduction

SSH keys provide secure, password-less authentication to remote Git servers. This lesson covers creating and managing SSH keys for GitHub.

Why Use SSH?

• No need to enter username/password each time
• More secure than HTTPS
• Required for some GitHub features
• Works with automated scripts

Creating SSH Keys

Step 1: Check for Existing Keys

ls -la ~/.ssh

Look for files like id_rsa and id_rsa.pub.

Step 2: Generate New Key

ssh-keygen -t ed25519 -C "your.email@example.com"

Or for older systems:

ssh-keygen -t rsa -b 4096 -C "your.email@example.com"

Step 3: Save the Key

When prompted:

Enter file in which to save the key: (press Enter for default)
Enter passphrase: (optional, recommended)
Confirm passphrase: (optional)

This creates:

• ~/.ssh/id_ed25519 - Private key (keep secret!)
• ~/.ssh/id_ed25519.pub - Public key (safe to share)

Adding Key to SSH Agent

Start SSH Agent

eval "$(ssh-agent -s)"

Add Key to Agent

ssh-add ~/.ssh/id_ed25519

Auto-start Agent

Add to ~/.bashrc or ~/.zshrc:

echo 'eval "$(ssh-agent -s)"' >> ~/.bashrc
echo 'ssh-add ~/.ssh/id_ed25519' >> ~/.bashrc

Adding Key to GitHub

Copy Public Key

# macOS
pbcopy < ~/.ssh/id_ed25519.pub
Linux
xclip -sel clip < ~/.ssh/id_ed25519.pub
Windows (WSL)
clip.exe < ~/.ssh/id_ed25519.pub
Or display and copy manually
cat ~/.ssh/id_ed25519.pub

Add to GitHub Account

1. Go to GitHub → Settings → SSH and GPG keys 2. Click "New SSH key" 3. Add a title (e.g., "Work Laptop") 4. Paste your public key 5. Click "Add SSH key"

Testing the Connection

ssh -T git@github.com

You should see:

Hi username! You've successfully authenticated, but GitHub does not provide shell access.

Using SSH with Repositories

Clone with SSH

git clone git@github.com:username/repository.git

Change Existing Remote

git remote set-url origin git@github.com:username/repository.git

Verify Remote

git remote -v

Should show: origin git@github.com:username/repository.git (fetch)

Multiple SSH Keys

For different GitHub accounts or services:

Create Key with Custom Name

ssh-keygen -t ed25519 -C "work@example.com" -f ~/.ssh/id_ed25519_work

Configure SSH

Edit ~/.ssh/config:

# Default GitHub
Host github.com
    HostName github.com
    User git
    IdentityFile ~/.ssh/id_ed25519
Work GitHub account
Host github-work
    HostName github.com
    User git
    IdentityFile ~/.ssh/id_ed25519_work

Use Specific Key

git clone git@github-work:company/repo.git

Security Best Practices

Protect Your Private Key

chmod 600 ~/.ssh/id_ed25519

Use Passphrase

Always use a strong passphrase when generating keys.

Rotate Keys Periodically

Create new keys every 1-2 years.

Remove Unused Keys

Regularly audit your SSH keys in GitHub settings.

Troubleshooting

Permission Denied

# Check key permissions
ls -la ~/.ssh
Fix if needed
chmod 600 ~/.ssh/id_ed25519

Key Not Recognized

# Add to agent
ssh-add ~/.ssh/id_ed25519

Wrong Account

Check which key is being used:

ssh -vT git@github.com

Summary

SSH keys provide secure authentication:

• Generate keys with ssh-keygen
• Add public key to GitHub
• Use SSH URLs for repositories
• Test with ssh -T git@github.com
• Use multiple keys for different accounts

Next Lesson

Learn about branching - creating and managing parallel development lines.