Skip to Content

Github Repo Access Keys (SSH)

Posted on 7 mins read

Github does not support allowing username/password access when using Git commands on your Github-hosted repositories. You have to set up keys to do this. There are alternative ways of doing this, but this page is only going to describe setting up SSH keys. Note that these directions are for Linux/Unix; MacOS should be similar (but you need the XCode tools I think); for possible Windows directions, see the bottom of this page.

Step 1: Generate Keys

In Linux/Unix and other platforms, there is a command-line tool named “ssh-keygen” that will generate keys for you. These keys use public key cryptography and so they generate a pair of keys: one private key and one public key. These keys work together to provide security, you can find many places on the Web to read about it. I recommend that you accept the default name “id_rsa” and that you use an empty passphrase when generating them.

If you are already using SSH keys and want to keep your GitHub key separate, you can name your generated keys something other than the default “id_rsa”, perhaps something like “gitkey”. If you already have “id_rsa” keys you should not generate new keys! If you do the following commands and see the same output, do not generate new keys!

prompt> cd
prompt> ls .ssh
id_rsa        id_rsa.pub

Be careful when using the commands below; if you already have a default “id_rsa” key that you are using for other things and you don’t enter a new filename, you will overwrite and lose your existing keys! Generating them in a command line terminal looks like this:

prompt> cd
prompt> ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/jcook/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in id_rsa.
Your public key has been saved in id_rsa.pub.
The key fingerprint is:
SHA256:SJw9J60pFYWXSV2tTmL1+mQlYpvSdrnhnvxBtLpljxk jcook@truttam
The key's randomart image is:
+---[RSA 2048]----+
|        .+o+ ... |
|     . o.o+ . . .|
|      + =.o  . + |
|     . o *  = = +|
|      o S  + B *.|
|       .  . = O o|
|           o +EX |
|             .*=+|
|             o*.o|
+----[SHA256]-----+
prompt> ls ~/.ssh
id_rsa       id_rsa.pub        (and possibly other stuff)

Note that I just hit Return/Enter on all the input requests. The result of this command is two files: the file “id_rsa” (with no extension) contains the private key, and the file “id_rsa.pub” contains the public key. These are stored in text so you can look at them easily, in the terminal window or in a text editor.

ONLY If You Entered a Custom Name: Step 1a: Move Your Key Files

NOTE: if you followed the step above and ran the command inside your .ssh" directory (or folder), then you can skip this step.

Your key files must be moved into your ~/.ssh directory (or folder). “~” is just a shorthand name for your home directory, so this is a directory named “.ssh” in your home directory. The name must be exactly that – dot-s-s-h – and all lowercase. The SSH tools use this directory as a place to store configuration information, and keys. The Unix command “ls” which is used to list your files and directories will not show this by default – it skips and directory or file name that begins with dot. You have to do “ls -a” to list all of these “hidden” files and directories. If you have never used SSH to access your account, you may not have this directory yet; if not, create it. Then move both of the key files into this directory. This can be done as:

prompt> mv gitkey gitkey.pub ~/.ssh
prompt> cd
prompt> ls .ssh
config  gitkey  gitkey.pub  id_rsa  id_rsa.pub  known\_hosts

You probably do not yet have a “config” file and may not have the “id*” files or “known_hosts” either.

ONLY If You Entered a Custom Name: Step 1b: Create an SSH Config file

You probably do not yet have a config file for SSH; by default the tools don’t really need one. But if you do not want to use the defaul “id_rsa” key, you will need one for your Github keys. In your .ssh directory, use your favorite text editor (such as gedit) to create a plain text file named “config” – exactly that, no capitals and no extension – and place these three lines in it:

# Github keys
Host github.com
IdentityFile ~/.ssh/gitkey

Those lines have to be exact, and so watch for typos. If you named your key differently, use that name instead of “gitkey”.

Step 2: Upload Your Public Key to Github

Log in to your Github account in your browser. In the upper right is your icon and clicking on it gives you your account menu. Choose “Settings”. On the settings page is a left-hand menu of options. Click on “SSH and GPG Keys”. This gets you to the page where you can upload your public key. Click on “New SSH Key” and give the key some name “CS Lab Key” or something, and then copy and paste the contents of your “id_rsa.pub” file (or other public key file) into the provided text entry field. BE SURE that you have not introduced extra newline characters or anything like that. Your best bet is to open your public key file in a GUI text editor (such as gedit on Linux or Notepad on Windows or textedit on MacOS) and select all and then copy and paste it.

gedit ~/.ssh/id_rsa.pub

When you click on Save in the Github interface, it will let you know if the data does not form a valid public key. Be sure to copy all of the file contents, even the initial name and closing identity “email” address. These won’t be used but are part of the key information.

Step 5: Access Your Repositories

Now you are all set and you can use the git command line tools to access your repositories. But BE SURE to use the SSH URL for the repository and not the HTTPS URL; whenever you are at a repo in Github, it will provide you the option of both kinds of URLS. Use the SSH URL (it begins with “git@github.com” rather than “https://")

Step 6: Set Up Other Computers You Want to Use

With the private key in your CS user files, any computer in the CS Department will use the keys you just created, so you are all set for the CS department. But GitHub allows you to upload multiple public key files, so you can generate a unique key pair for your home computer, laptop, or any other computer you want to use. It would be better, and safer, to generate unique keys for each computer, rather than copying the keys you just generated to each computer, but you can also copy them if you want to.

Resources

GitHub has its own SSH key instructions.

Possible instructions for Windows

I don’t use Windows and so don’t really know what the issues are, but…

This page has several responses for various Windows tools; as you can read, it depends on what tools you are using.

This page has step by step instructions specifically for Git for Windows.

This Atlassian page has some instructions for setting up keys on Windows (but it is for BitBucket, not Github, and you have to be willing to interpret and apply somewhat differently).

Everything they do in Windows on that page says it must be in a “Git Bash” shell, so apparently the git tools under windows come with a “Git Bash” shell…which is in the Git for Windows toolset.

Hope it helps but YMMV.