Throughout time in developments we faced multiple repositories with different git account/credentials. Managing multiple Git accounts and ensuring commit authenticity can be challenging.
This guide simplifies the process by combining multi-account SSH key setup with GPG signing for secure authentication and trusted commits across your Linux, Windows, and macOS workstation.
Why It Matters
- SSH Keys: Manage multiple accounts securely with password-free access. Essential for handling separate work, personal, or client repositories without confusion.
- GPG Signing: Cryptographically sign commits to prove their authenticity and protect them from tampering—critical for secure, professional or enterprise collaborations.
- This workflow is also apply to other git service provider such as gitlab or bitbucket.
Steps
Typical steps to enabling multi-account Git SSH & GPG commit signing, you can check this big picture on how we enabling it.
- Create SSH Key in workstation for each account with distinct name.
- Save your SSH Public Key to github.
- Create gpg key and save to github.
- Clone using git SSH for push access to the repo.
- Config the local git repo folder to configure username, email account and signing commit using your gpg key.
- For complete details you can follow the rest of this article.
1. Setting Up Multi-Account Git with SSH
Step 1: Generate SSH Keys
For each Git account, generate a separate SSH key.
Linux/macOS:
ssh-keygen -t rsa -b 4096 -C "email@example.com" -f ~/.ssh/id_rsa_personal
ssh-keygen -t rsa -b 4096 -C "client_email@example.com" -f ~/.ssh/id_rsa_client
Windows (Git Bash):
ssh-keygen -t rsa -b 4096 -C "email@example.com" -f ~/ssh/id_rsa_personal
ssh-keygen -t rsa -b 4096 -C "client_email@example.com" -f ~/ssh/id_rsa_client
Important notes
- During SSH Key Generation, user is your github username and email is your email registered for your github account.
- "email@example.com" : you can change to your registered github email account.
- "client_email@example.com" : you can change to your other registered github email account.
Step 2: Configure SSH
Edit the SSH config file to associate each key with its GitHub account.
-
Linux/macOS:
~/.ssh/config
-
Windows:
~/ssh/config
If the config
file doesn't exist you can create the file config
first then edit it using a text editor.
# Personal Account
Host github-personal
HostName github.com
User git
IdentityFile ~/.ssh/id_rsa_personal
# Client Account
Host github-client
HostName github.com
User git
IdentityFile ~/.ssh/id_rsa_client
2. Adding SSH Keys to GitHub
Step 1: Copy Your Public Key
cat ~/.ssh/id_rsa_personal.pub
cat ~/.ssh/id_rsa_client.pub
Step 2: Add Keys to GitHub
- Navigate to GitHub > Settings > SSH and GPG Keys > New SSH Key.
- Paste each public key.
- Label keys for clarity (e.g., "Personal" or "Client").
Step 3: Clone Using SSH Aliases
Clone repositories using the configured aliases:
git clone git@github-personal:username/repo.git
git clone git@github-client:client/repo.git
3. Setting Up GPG Signing
Step 1: Generate a GPG Key
Linux/macOS:
gpg --full-generate-key
Windows (Gpg4win):
Install Gpg4win and run:
gpg --full-generate-key
Choose RSA and RSA (4096 bits)
and set an expiry date.
Step 2: Export the Public Key
Find the GPG key ID:
gpg --list-secret-keys --keyid-format LONG
Export and copy the key:
gpg --armor --export <GPG_KEY_ID>
Step 3: Add GPG Key to GitHub
- Go to GitHub > Settings > SSH and GPG Keys > New GPG Key.
- Paste the public key.
4. Configuring Repository-Specific Settings
For each repository, configure local Git settings to specify the username, email, and GPG key.
cd /path/to/repo
git config user.name "Your Name"
git config user.email "your_email@example.com"
git config user.signingkey <GPG_KEY_ID>
git config commit.gpgsign true
Verify settings with:
git config --get user.name
git config --get user.email
git config --get user.signingkey
This ensures commits in the repository use the correct identity and are signed.
5. Using and Verifying Signed Commits
Create a Signed Commit
git commit -S -m "Your commit message"
Verify Signed Commits
git log --show-signature
Git will display the signature status, confirming commit authenticity.
Conclusion
Combining multi-account SSH key management with GPG signing ensures secure, streamlined workflows for professional developers. Whether you're managing personal, work, or client repositories, this setup keeps your Git environment organized, authenticated, and trustworthy.
Top comments (0)