Ubuntu – How to setup SSH key based authentication for GitHub by using ~/.ssh/config file

gitopensshssh

I am trying to set up my SSH keys for GitHub and created a new SSH key for the same. I have managed to setup the SSH key but I wish to retain these settings and save them in the configuration file ~/.ssh/config which is not available. Where can I add this key path to retain the configuration?

Best Answer

Here is short manual how to setup SSH key based authentication for GitHub.

1. Install the openssh-client if it is not already installed, and of course git:

sudo apt update && sudo apt install -y openssh-client git

2. Create user's ssh directory and a sub directory where your dedicated GitHub ssh key will be stored:

mkdir -p ~/.ssh/github
chmod 700 ~/.ssh ~/.ssh/github

3. Generate the SSH key (the output key will have octal permissions 600):

ssh-keygen -t rsa -b 4096 -C 'your@email.com' -f ~/.ssh/github/id_rsa -q -N ''

-q - silence ssh-keygen; -N '' - empty (without) passphrase, you can assign one if you want.

4. Copy the content of the file id_rsa.pub, use the following command to output it:

cat ~/.ssh/github/id_rsa.pub

5. Go to your GitHub account. From the drop-down menu in upper right corner select Your profile. Click on Edit profile button and then select SSH and GPG keys. Click on the New SSH Key button. Type some meningful for a Title and paste the content of ~/.ssh/github/id_rsa.pub in the field Key. Then click on the Add SSH Key button.

6. Create the ~/.ssh/config file, if it doesn't already exist:

touch ~/.ssh/config
chmod 600 ~/.ssh/config

Edit the config file and add the following entry for the new SSH key:

Host github.com
    IdentityFile ~/.ssh/github/id_rsa

7. Test the setup. Use the following command:

ssh -T git@github.com

On the question - Are you sure you want to continue connecting (yes/no)? - answer with yes. If everything went well you should receive a greeting message like this:

Hi pa4080! You've successfully authenticated, ...

How to use the SSH key.

1. If you have already cloned repository through HTTPS, by using a command as these:

git clone https://github.com/username/repository-name.git
git clone git://github.com/username/repository-name

Go inside the repository's directory and execute the next command to allow work via SSH:

git remote set-url origin git@github.com:username/repository-name.git

2. Direct clone a repository via SSH:

git clone git@github.com:username/repository-name.git

3. In addition if you are using VSC it will work without problems with this setup. For already clonned repositories just use the Open Folder option and all VSC Git features will work.

Related Solutions

Ubuntu – How to permanently save a password-protected SSH key

If you are using Unity, or a session manager that starts gnome-keyring-daemon, you can simply use Seahorse (Passwords and Keys) to establish a key, define what it is for, set a passphrase, and distribute its public key to the computer you are going to use with ssh. No terminal commands are necessary.

You create the password by:

selecting File->New and select Secure Shell Key. Press Continue.
Type in a descriptive name, and select Create and set up.
You will be prompted to enter a keyphrase twice (the second time to check that you didn't mis-enter it the first time.
Enter the computer to which the public key should be used and the user name on that computer for which you will be using the key. The public key will be copied to that other computer, prompting for your password on that computer if necessary.

Now the My Personal Keys tab will display the key.

Assuming gnome-keyring-daemon was started properly when you logged into Lightdm, and again by your session manager, when you first use the key with ssh you will be prompted for the keyphrase. In this dialog box you can provide the keyphrase, select the Details control and ask that the keyring be unlocked whenever you are logged in--automatically providing this key. Press OK

You may not be prompted in this way if there is another key available for logging into the remote computer.

After this has been accomplished the first Seahorse tab Passwords will list an "Unlock password entry" for the key name. Click on the triangle before "Passwords: Login" to see it.

Ubuntu – ssh key authentication still prompts password

ssh -vv myuser@xx.xxx.xx.xxx
OpenSSH_5.9p1 Debian-5ubuntu1.1, OpenSSL 1.0.1 14 Mar 2012
debug1: Reading configuration data /home/viggy/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *

Applying options for * means that the ssh client thinks that the host you are connecting to is not in the config file.

Based on your comments to the other answer you already moved every host specific setting to the top of the config file, before the "Host *" section, so parsing can't be a problem now.

But the ssh client still can't find that host in the config file which can only mean that the Host which you wrote into the config file differ from the one which you wrote on the command line when you invoked ssh. Are you sure that the Host you wrote in the config file is EXACTLY the same as what you write on the command line? (It has to be exactly the same, names are not converted to a canonicalized host name before matching.)

Best Answer

Related Solutions

Ubuntu – How to permanently save a password-protected SSH key

Ubuntu – ssh key authentication still prompts password

Related Question