Using multiple ssh keys with gitgub

selwyn's picture

Building on this article and this video I figured I would spell out some of the details of using multiple ssh keys with github. I re-read the article a few times before I found the comments which spelled out what I finally needed to be able to have multiple email accounts each with a different ssh key for github repos. This article applies to a Mac running OSX but could easily be adapted to linux platforms.


First Create your ssh keys (if you haven't already)

Most places want a 4096 byte (4K) key

$ cd ~/.ssh
$ ssh-keygen -t rsa -b 4096 -C "[email protected]"

There are a few simple prompts i.e. filename will suggest id_rsa
Enter passphrase:  just hit return twice
The system will have generated some files

$ ls -al
[email protected] 1 selwyn  staff   1.6K May  18  2017 id_rsa
[email protected] 1 selwyn  staff   409B May  18  2017 id_rsa.pub

Add the key to the agent with:

$ ssh-add ~/.ssh/id_rsa

Create the second ssh key by doing this again but specify a filename of id_rsa2

$ ls -al
[email protected] 1 selwyn  staff   1.6K May  18  2017 id_rsa2
[email protected] 1 selwyn  staff   409B May  18  2017 id_rsa2.pub

Don't forget to add the key to agent as above.

You can use the following command to list all the keys
$ ssh-add -l

Copy the id_rsa.pub file to the clipbpoard
$ pbcopy < ~/.ssh/id_rsa.pub

Next step is to get the .pub public keys loaded into github
Login to github with the first email address,  Navigate to your profile to the section called SSH and GPG keys, use the NEW SSH key button and paste in the key. Note, don't ever share the id_rsa file, that is your private key.

Now repeat for the second key.
i.e. login to github with the second email address and paste the id_rsa2.pub key.

Edit the config file
You will also need to edit the ~/.ssh/config file to say:
Host *
AddKeysToAgent yes
UseKeychain yes
IdentityFile ~/.ssh/id_rsa

More info about generating an ssh key

Create Aliases in the config file
now back to the ~/.ssh/config file to create aliases
e.g.

Host githubnist
  Hostname github.com
  User git
  IdentityFile ~/.ssh/id_rsa3
Host githubselwyn
  Hostname github.com
  User git
  IdentityFile ~/.ssh/id_rsa
Host *
  AddKeysToAgent yes
  UseKeychain yes
  IdentityFile ~/.ssh/id_rsa

The first Host alias githubnist will use the ssh key id_rsa3, whereas the second alias githubselwyn will use the id_rsa ssh key.  All others will use id_rsa.

How do I use those aliases?
Then to use them, you use the alias from the Host lines e.g. Host githubtest when you setup the remotes.
It looks like this:

to clone your test repo, navigate to ~/Sites and where github tells you to clone

$ git clone [email protected]:selwynpolit/test.git

you instead use

$ git clone [email protected]:selwynpolit/test.git

Notice how github.com is replaced with githubtest

Navigate into the directory where the repo has been cloned and you will be able to see your source code from github.
$ cd test

Anywhere github tells you to use github.com, replace it with your alias.  Here github suggests we add an origin:
$ git remote add origin [email protected]:selwynpolit/test.git

instead use:
$ git remote add origin [email protected]:selwynpolit/test.git

Notice how github.com is replaced with githubtest

Use git config to setup name and email specific to each project
git config user.email "[email protected]"
git config user.name "Selwyn Polit"

then use git pull/push etc just as you normally would

if you already have remotes setup e.g.
$ git remote -v
origin  [email protected]:selwynpolit/test.git (fetch)
origin  [email protected]:selwynpolit/test.git (push)

you can nuke them and recreate them with the new alias

git remote rm origin
git remote add origin [email protected]:selwynpolit/test.git

and now you will see:
$ git remote -v
origin  [email protected]:selwynpolit/test.git (fetch)
origin  [email protected]:selwynpolit/test.git (push)

For the githubnist alias you follow the same steps.  Navigate to the directory e.g. ~/Sites and clone the repo using your alias

$ git clone [email protected]:abcera/nist.git

navigate into the directory and add the remote

$ git remote add origin [email protected]:abcera/nist.git

use git config to setup name and email specific to each project
git config user.email "[email protected]"
git config user.name "Selwyn Polit"

Now you can use any standard git commands while in the nist directory and the correct ssh key will be used.  The same will work if you navigate to the test directory.

I hope this simplifies things for my fellow developers out there.

Category: