Intro
As a developer you work on many projects at the same time. Maybe you work on your own project on Gitlab and you’re helping a friend with theirs on GitHub. So, you just added your second SSH key and you’re about to hit that sweet “git clone” or “git fetch” command and git freaks out. Let’s fix that
Adding a SSH key
Let’s first go through the steps of adding a new SSH key.
You will need the OpenSSH client at version 6.5+, which is usually pre-installed on Windows, Linux and MacOS
Encryption types
Gitlab recommends either “ED25519” or “RSA” as the encryption algorithm for a new SSH key.
Open a terminal and type
ssh-keygen -t ed25519 -C "<comment>"
OR
ssh-keygen -t rsa -b 2048 -C "<comment>"
Press enter and follow the on-screen guide. The first prompt will ask you where the new key pair should be stored. Suggestion – leave it as the default, and just update the file name if you’re like me and you tend to forget stuff easily.
The next prompt will be for a password to protect your shiny new key pair. Or you can leave it blank if you want to
Finaly a confirmation is displayed with a nice randomart image attached to it.
Here’s the full command with the inputs all together:
As we’re talking about multiple keys, let’s go ahead and generate two more:
Here’s what the directory looks like after the above commands
Pointing git to the correct key
Currently, git has no idea which key to use when you call “git fetch” on your GitHub repo. Let’s fix that.
Open a terminal and sudo nano/vim/vi into ~/.ssh/config
We need to point each key to a host, and you can do that by using the following directive:
Host host.extension
IdentityFile ~/.ssh/KEY_TO_LINK
Example of the above keys being configured to three separate domains:
Additional flags
You can add many more flags to each directive. The one you see added above means the following:
Specifies whether keys should be automatically added to a running ssh-agent(1). If this option is set to
https://man.openbsd.org/ssh_configyes
and a key is loaded from a file, the key and its passphrase are added to the agent with the default lifetime, as if by ssh-add(1). If this option is set toask
, ssh(1) will require confirmation using theSSH_ASKPASS
program before adding a key (see ssh-add(1) for details)
For more details on additional flags, please check the main ssh config man page: https://man.openbsd.org/ssh_config
That’s it. Happy coding