How to Configure GitHub Authentication Using SSH Certificates

How to Configure GitHub Authentication Using SSH Certificates

Using SSH certificates to authenticate with GitHub is a secure and efficient way to manage your repositories. This guide will walk you through the process step by step.

---

1. Generate an SSH Key Pair

First, create a new SSH key pair or use an existing one.

Run the following command:

ssh-keygen -o -a 100 -t ed25519 -f ~/.ssh/id_ed25519_github -C "ssh key for github"

• -o: Ensures the private key file is saved in the new OpenSSH format for improved security.
• -a 100: Specifies the number of rounds for the key derivation function, enhancing brute-force resistance.
• Enter a passphrase (optional but recommended for added security).

---

2. Add the SSH Key to Your SSH Agent

Next, ensure your SSH key is available to the SSH agent.

Start the SSH agent:

eval "$(ssh-agent -s)"

Add your private key:

ssh-add ~/.ssh/id_ed25519_github

---

3. Add the Public Key to Your GitHub Account

Now, link your public SSH key to your GitHub account:

1. Copy the contents of your public key:

   cat ~/.ssh/id_ed25519_github.pub

Note: Ensure that you only share the public key file (e.g., id_ed25519_github.pub) and never share your private key file (e.g., id_ed25519_github).

1. Add the key to GitHub:
   • Open GitHub SSH Settings.
   • Click New SSH key.
   • Paste your public key into the key field.
   • Give it a descriptive title and save it.

---

4. Configure SSH for GitHub

To ensure GitHub uses the correct SSH key, configure your SSH settings:

Edit (or create) the ~/.ssh/config file:

nano ~/.ssh/config

Add the following configuration:

Host github.com
  HostName github.com
  IdentityFile ~/.ssh/id_ed25519_github
  IdentitiesOnly yes

Note: This ensures that only the specified identity file is used, which is crucial in environments with multiple SSH keys to avoid authentication errors.

Save and exit the file.

---

5. Test Your SSH Connection

Verify that GitHub recognizes your SSH setup by running:

ssh -T git@github.com

If everything is set up correctly, you should see a success message:

Hi username! You've successfully authenticated, but GitHub does not provide shell access.

Note: If this step fails, ensure the following:

• Verify that the SSH key has the correct permissions by running chmod 600 ~/.ssh/id_ed25519_github.
• Confirm that the public key is added to your GitHub account.
• Check that the ~/.ssh/config file is properly configured.

---

6. Use SSH for GitHub Repositories

Finally, use SSH URLs for GitHub repositories:

• Clone a repository using SSH:

  git clone git@github.com:username/repository.git

• Update an existing repository's remote URL to use SSH:

  git remote set-url origin git@github.com:username/repository.git

Tip: To confirm that the remote URL has been updated successfully, run:

  git remote -v

---

Conclusion

With this setup, you've configured GitHub to authenticate using SSH certificates, providing a secure and efficient method for managing your repositories. Let me know in the comments if you have any questions or tips to share!

---