How to Configure GitHub Authentication Using SSH Certificates

Using SSH certificates to authenticate with GitHub is a secure and efficient way to manage your repositories. This guide will walk you through the process step by step.

1. Generate an SSH Key Pair

First, create a new SSH key pair or use an existing one.

Run the following command:

ssh-keygen -o -a 100 -t ed25519 -f ~/.ssh/id_ed25519_github -C "ssh key for github"

• -o: Ensures the private key file is saved in the new OpenSSH format for improved security.
• -a 100: Specifies the number of rounds for the key derivation function, enhancing brute-force resistance.
• Enter a passphrase (optional but recommended for added security).

2. Add the SSH Key to Your SSH Agent

Next, ensure your SSH key is available to the SSH agent.

Start the SSH agent:

eval "$(ssh-agent -s)"

Add your private key:

ssh-add ~/.ssh/id_ed25519_github

3. Add the Public Key to Your GitHub Account

Now, link your public SSH key to your GitHub account:

1. Copy the contents of your public key:

   cat ~/.ssh/id_ed25519_github.pub

Note: Ensure that you only share the public key file (e.g., id_ed25519_github.pub) and never share your private key file (e.g., id_ed25519_github).

1. Add the key to GitHub:
   • Open GitHub SSH Settings.
   • Click New SSH key.
   • Paste your public key into the key field.
   • Give it a descriptive title and save it.

4. Configure SSH for GitHub

To ensure GitHub uses the correct SSH key, configure your SSH settings:

Edit (or create) the ~/.ssh/config file:

nano ~/.ssh/config

Add the following configuration:

Host github.com
  HostName github.com
  IdentityFile ~/.ssh/id_ed25519_github
  IdentitiesOnly yes

Note: This ensures that only the specified identity file is used, which is crucial in environments with multiple SSH keys to avoid authentication errors.

Save and exit the file.

5. Test Your SSH Connection

Verify that GitHub recognizes your SSH setup by running:

ssh -T [email protected]

If everything is set up correctly, you should see a success message:

Hi username! You've successfully authenticated, but GitHub does not provide shell access.

Note: If this step fails, ensure the following:

• Verify that the SSH key has the correct permissions by running chmod 600 ~/.ssh/id_ed25519_github.
• Confirm that the public key is added to your GitHub account.
• Check that the ~/.ssh/config file is properly configured.

6. Use SSH for GitHub Repositories

Finally, use SSH URLs for GitHub repositories:

• Clone a repository using SSH:

  git clone [email protected]:username/repository.git

• Update an existing repository's remote URL to use SSH:

  git remote set-url origin [email protected]:username/repository.git

Tip: To confirm that the remote URL has been updated successfully, run:

  git remote -v

Conclusion

With this setup, you've configured GitHub to authenticate using SSH certificates, providing a secure and efficient method for managing your repositories. Let me know in the comments if you have any questions or tips to share!