ssh is a program that we can use to log into remote computers. It is also a communication protocol that can be used to securely copy data from one server to another. In order to authenticate ourselves to a server we can either provide the server with a user name and password, or we can use a pair of SSH keys (one private and one public).
We’re going to use Git to copy our application code from our development environment to the GitHub servers. GitHub requires us to authenticate ourselves using SSH keys.
Create an SSH Key Pair
Open your terminal application. If you are working on a remote computer, log into the remote computer; otherwise, change your working directory to your home directory.
We are going to create a pair of SSH keys using the ssh-keygen program. When typing the ssh-keygen command (shown below) replace joe@example.com with any valid email addresses (leaving the quotes) and follow the instructions below.
- The ssh-keygen program will ask you to enter the name of a file in which to save the key. Do not type a file name. We want to use the default location, so simply press enter to accept the default location.
- The ssh-keygen program will then ask you to enter a passphrase. Do not enter a passphrase. Simply press enter, for no passphrase, and press enter a second time to accept the empty passphrase.
$ ssh-keygen -t rsa -b 4096 -C "joe@example.com"
Register Your Private Key with the SSH Agent
Next, start the ssh agent, if it is not already running, by running the following command.
$ eval "$(ssh-agent -s)"
You should see an agent pid (process identifier) printed to the screen.
Now, provide the ssh agent with your private key by running the following command.
$ ssh-add -k ~/.ssh/id_rsa
You now have a pair of ssh keys, started the ssh agent, and registered your private key with the ssh agent.
Inspect Your Key Files
The SSH key pair files were added to a hidden directory named .ssh located in your home directory. You can verify that your SSH key pair files were created by using the cd command in the terminal to change your working directory to the location that the key files were saved.
$ cd ~/.ssh
Then to view the contents of the directory you can use program named ls.
$ ls
You should see at least two files; one named id_rsa and one named id_rsa.pub. The file named id_rsa is your private key file. Keep it secret. Anyone with access to it can masquerade as you. The file named id_rsa.pub is your public key which we will later provide to GitHub.
You can view the contents of the files on your computer using the cat program. For example, to view your id_rsa.pub file enter the following command:
$ cat id_rsa.pub
Copy the contents of the id_rsa.pub file to your computer’s clipboard.
Provide GitHub With Your Public Key
Log onto GitHub.com.
Click on the user icon in the upper right corner, scroll down, and choose Settings.
On the left-hand side pane of the Settings screen, choose SSH and GPG keys.
Press the New SSH key button.
Enter a name for the development environment on which your private key resides (e.g. laptop or cs.bridgewater.edu) and paste the contents of your public key file (id_rsa.pub) into the key field. Press Add SSH key.
Test the SSH Communication Channel
Run the following command from the terminal to verify that you can communicate with GitHub via ssh.
$ ssh -T git@github.com
When prompted if you want to continue, enter yes and press enter.
If successful, you should see a message that reads “You’ve successfully authenticated, but GitHub does not provide shell access.”