Some intro
- GitHub do provide option to use SSH to connect and do many things same as using the standard CLI.
- And there are some functionalities offered by using SSH that make life easier, for example no need for token to pull your branch.
- This is how to change your repo connection to use SSH. This is done in linux ubuntu OS.
Setting Up SSH keys and Permission
- For this, you can use existing user or create a new user specifically for deployment/pull/push through SSH.
cd ~ # create .ssh folder inside user home directory mkdir .ssh # generate key private and public (.pub) using ssh-keygen, and give name like "github_dev". # Optional, dont assign passphrase if you want to use it for CLI. ssh-keygen -t ed25519-sk -C "your_email@example.com" # check ssh agent running eval $(ssh-agent -s) # register only private key (no .pub) generated to ssh agent ssh-add ~/.ssh/<private_key_file> - for secure linux and current user to read private key to execute GitHub CLI, update the permission for access.
# change permission key file for read-only cd ~/.ssh chmod 644 <private_key> sudo chgrp <username> <private_key> # change permission to folder .ssh cd ~ chmod 700 .ssh sudo chgrp <username> .ssh - you also can directly define any SSH connection to GitHub to use the private key generated by creating 'config' file
# config connection using ssh and correct key file nano .ssh/config # paste the following into the 'config' file Host github.com Hostname ssh.github.com Port 443 User git IdentityFile ~/.ssh/<private_key> #generated private key location Register public key generated to GitHub account.
- Go to intended GitHub account setting to register this public SSH key.
- Give any name you want.
Check Signature Github.
- use the command below to cross check signature of the ssh agent is the same as displayed by GitHub
ssh-add -l -E sha256 
Testing GitHub SSH Connection
- test successful connection through SSH to GitHub by:
# testing connection to github ssh -T git@github.com # testing with more details for troubleshooting ssh -vT git@github.com Update Repository Remote URL
- After successful connection through SSH, change current local repository remote to use SSH
- usually the remote url is like this:
# Check connection profile setup git remote -v # result # origin https://github.com/****.git (fetch) # origin https://github.com/****.git (push) - you can either update original 'origin' or add new one like 'myssh'
- the address can be refer back here:
# add ssh connection profile 'myssh' git remote add myssh ssh://git@****.git # result # origin https://github.com/****.git (fetch) # origin https://github.com/****.git (push) # myssh git@github.com:****.git (fetch) # myssh git@github.com:****.git (push) # update existing connection profile 'origin' to use SSH git remote set-url origin git@github.com:****.git # result # origin git@github.com:****.git (fetch) # origin git@github.com:****.git (push) # update back to use HTTP git remote set-url origin https://github.com/****.git - example using GitHub CLI through SSH connection profile different than default 'origin'
# using 'myssh' connection profile git checkout myssh/<branch name> -b <new branch name> User Connection Issue
- There will be an issue sometimes with linux system user especially when using 'sudo'. In this case, the one executing CLI is not the current user but by the 'root' system user.
- In this case, to maintain user profile, use '-E' flag:
sudo -E git fetch Bash Script
- Example a bash script to pull the 'develop' branch.
- The ssh-agent may need to be started again in linux.
#!/bin/bash # start ssh-agent and register back private key eval $(ssh-agent -s) ssh-add ~/.ssh/<private_key_file> # Go to project epo cd /var/www/<local repository directory> # Checkout 'develop' branch git checkout develop # Update connection profile # git remote set-url origin git@github.com:*****.git # Pull latest changes git pull # Checkout by latest tag # git fetch --tags # tag=$(git describe --tags `git rev-list --tags --max-count=1`) # echo $tag # git checkout $tag -b latest # Set back to HTTP # git remote set-url origin https://github.com/*****.git # # Additional steps # echo Done 
Top comments (0)