Use Multiple SSH Keys for Git host websites (Github, Gitlab)

2024/06 29 11:06

This is guide about how to configure multiple SSH keys for some Git host websites such as GithubGitlab, among others.

Creating SSH keys

  1. Create SSH directory:mkdir ~/.ssh
  2. Move to created directory:cd ~/.ssh
  3. To create a SSH key, type:ssh-keygen -t rsa -C “EMAIL@HOST.com”a message will be displayed:Generating public/private rsa key pair. Enter file in which to save the key (/home/USER/.ssh/id_rsa):You should type someething of the default name of the file to distinguish service, such as: id_rsa_myaccount_githubid_rsa_myaccount_gitlabid_rsa_mycompanyaccount_gitlab.After this step a passphrase is needed for security, which can be empty.
  4. Repeat previous step for every required account.
  5. To see if the keys were successful created:ls ~/.sshwhich it is going to print all key files, for example: id_rsa_myaccount_github id_rsa_myaccount_gitlab.pub id_rsa_myaccount_github.pub id_rsa_mycompanyaccount_gitlab id_rsa_myaccount_gitlab id_rsa_mycompanyaccount_gitlab.pub

Creating config file for manage SSH keys

  1. To create config file:touch ~/.ssh/config
  2. Edit the file to configure domains for the keys:nano ~/.ssh/configfor example, if three accounts were added, should look like this:# github account Host github.com HostName github.com PreferredAuthentications publickey IdentityFile ~/.ssh/id_rsa_myaccount_github # gitlab account Host gitlab.com HostName gitlab.com PreferredAuthentications publickey IdentityFile ~/.ssh/id_rsa_myaccount_gitlab # gitlab company account Host gitlab.my_company.com HostName gitlab.my_company.com PreferredAuthentications publickey IdentityFile ~/.ssh/id_rsa_mycompanyaccount_gitlab
  3. Save file and exit.

Using two accounts from the same server (website) [Optional]

A new host has to be created.

  1. Create a new entry on the ~/.ssh/config file(example with Github):
Host other.github.com
HostName github.com
PreferredAuthentications publickey
IdentityFile ~/.ssh/id_rsa_otheraccount_github

where other.github.com is the alias for the host, although the server(HostName) is github.com. The IdentityFile option points to a (previously) created key file configured with the required account.

After this, a custom url can be used to clone the project.git clone git@other.github.com:USER/REPOSITORY.git

where other.github.com is the previously created domain.

Configure SSH on Repository site

To configure ssh on each repository website:

  1. Copy the content of the id_rsa_X.pub with xclip command(may not be installed) to the clipboard(where id_rsa_X.pub is the wanted key file):xclip -sel clip < ~/.ssh/id_rsa_X.pub(content also can also be manually copied from the *.pub file)
  2. Paste the content on the repository site, check next section.

Configure SSH on Github

  1. Go to https://github.com.
  2. Go to Profile Settings > SSH and GPG Keys > click on button New SSH Key.
  3. On Title add a descriptive label, such as the hostname of the device…​
  4. On the Key field past the clip content with the key.
  5. Finally click on Add SSH key and after that the site ask for the user password.

Configure SSH on Gitlab

  1. Go to https://gitlab.com.
  2. Go to Profile Settings > SSH Keys.
  3. On the Key field past the clip content with the key.
  4. On Title add a descriptive label, such as the hostname of the device…​
  5. Finally click on Add key.

Testing SSH Keys

  1. Type(substitute HOST with the desired one(githubgitlab, …​)):ssh -T git@HOST.coma warning will appear, accept it with yes:The authenticity of host 'HOST.com (IP ADDRESS)' can't be established. RSA key fingerprint is 16:27:ac:a5:76:28:2d:36:63:1b:56:4d:eb:df:a6:48. Are you sure you want to continue connecting (yes/no)?A successful message will appear:
    1. For Github:Hi USERNAME! You've successfully authenticated, but GitHub does not provide shell access.
    2. For Gitlab:Welcome to GitLab, USERNAME!

Delete SSH Cache and add Keys

If the SSH does not work, maybe the keys need to be added with ssh-add command

  1. First delete keys cache:ssh-add -Dif a message appear:Could not open a connection to your authentication agent.use this command and after that retry:eval `ssh-agent -s`
  2. Add key file with ssh-add command:ssh-add ~/.ssh/id_rsa_file
  3. To see added keys, type:ssh-add -ldand something such as this will be displayed:2048 SHA256:DXlgYQo1o/65JQCSYQo/L4RRP4i+wTouyEetkOIcn/o EMAIL_1 (RSA) 2048 SHA256:4FPtZYDtHipZeHqP9KNB3Wslz9L5q/JoAGT3g/NW3O8 EMAIL_2 (RSA) 2048 SHA256:tXCoBI2dMtTFhUhE5oBT+XwwkrhkorkOHbSc1J22urQ EMAIL_3 (RSA)
  4. Retry testing connection.

Using SSH keys

To use a git repository with the SSH, this url style has to be used for the repository:git@HOST:USERNAME/REPOSITORY.git

where HOST is the configured domain, which can be githubgitlab or a personalized one.

If project origin is already configured with HTTPS, it has to be changed to the SSH url style (check next section).

WarningIf you want to use the HTTPS url, other steps will be required.

Change HTTPS url to SSH url [Optional]

  1. List existing remotes in order to get the name of the repository:git remote -v
  2. Change remote url, substitute HOST for server domain or a previously create custom HOST:git remote set-url origin git@HOST:USERNAME/REPOSITORY.git
NoteIt can be used the same method to change from SSH to HTTPS.

Important: About git config user name and email

In spite SSH keys were configured for the access, the Git user name and email need to be configured, because these will be associated to the commits.

To see actual configuration, type:git config –list

If global user name and email were configured will be displayed at the beginning, if not, these values will not appear.

NoteIf the command was run on a repository and this one has a local user name and email configured, these values will be displayed at the end of configuration.

Configure user name and email on all repositories (globally)

ImportantYou may want to configure the most used user name and email globally, but watch out since every commit with not local configuration will use these values.
  1. Go to the root directory of the repository.
  2. Type to configure user name:git config –global user.name “YOUR NAME”
  3. Type to configure user email:git config –global user.email “email@HOST.com”
  4. To see if the global fields were correctly configured, use the git config --list command or check global Git file.nano ~/.gitconfigthis will display a section like:[user] name = YOUR NAME email = email@HOST.comNoteIf the user name or the user email were not configured this section will not appear.

Configure user name and email on a unique repository (locally)

  1. Go to the root directory of the repository.
  2. Type to configure user name:git config user.name “YOUR NAME”
  3. Type to configure user email:git config user.email “email@HOST.com”
  4. To see if the global fields were correctly configured, use the git config --list command or check local Git file:nano ./.git/configthis will display a section like:[user] name = YOUR NAME email = email@HOST.comNoteIf the user name or the user email were not configured this section will not appear.