Intro
Secure Shell (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. This allows you to connect securely to other services or machines.
In this post I am going to explain how to configure your linux machine to github using SSH.
Create SSH keys
First we will create a SSH key that will allow you to connect to github.
ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
Then I suggest you save the SSH key with some useful name like /home/ubuntu/.ssh/github_ssh
Finally add a passphrase. This will ensure that your SSH credentials are safe even if someone access your computer.
Use keychain
If you are using Windows you don’t need to do that step.
The SSH key you just created has a passphrase and you probably don’t want to write it every time you open a new terminal.
You can use keychain to remember the passphrase.
sudo apt install keychain
First of all some people use ssh-agent to add the SSH keys but you need to start one every time you open a new terminal and they don’t die. So after some time you will end with a lot of ssh-agents running. If you did that you can step them with:
keychain --stop all
You can check that only one ssh-agent is running with ps -ef | grep ssh-agent
To set up keychain edit the ~/.bashrc file so that keychain is started everytime you open a terminal.
~/.bashrc
# Add this line at the end
eval `keychain --agents ssh --eval github_ssh`
github_ssh is the name of the SSH key to import you could add more separating them by spaces
Add the SSH key to github
This guide focus on github but you can do the same following similar steps for other git services like bitbucket.
- Copy the content of the
~/.ssh/github_ssh.pubfile. - Go to github settings page.
- Select
SSH and GPG keyssection. - Click
add new SSH keys. - Use some meaningful name like
aws_ec2, paste the SSH key and save it. - If asked, write your github password.
Check the SSH connection
The first thing you should do is to restart the terminal so that changes can be applied.
Run the following command:
ssh -T git@github.com
The first time it will say that the authenticity of github.com can’t be established. Enter yes to add it to the list of known hosts so that you won’t get asked each time.
You should see a message saying Hi XXXX! You've successfully authenticated
Cloning a git repo
Since you are using SSH the clone command will change a little bit. Instead of using:
git clone https://github.com/username/repo_name.git
You should use:
git clone git@github.com:username/repo_name.git
After doing all that you can use git without needing to worry about passwords or passphrases anymore.
Troubleshooting slow SSH connections
Sometimes the SSH connection works correctly, but cloning or fetching from GitHub is extremely slow. For example, you may see transfer speeds around a few KiB/s.
This can happen if your network, VPN, firewall, or ISP handles SSH traffic on port 22 badly. GitHub also supports SSH over port 443, which is usually treated like normal HTTPS traffic. Another possible cause is bad IPv6 routing.
To fix both, create or edit this file:
~/.ssh/config
Host github.com
HostName ssh.github.com
Port 443
User git
AddressFamily inet
Then test the connection:
ssh -T git@github.com
You should still see:
Hi XXXX! You've successfully authenticated
You can verify that the configuration is being used with:
ssh -vT git@github.com
Look for something like:
Connecting to ssh.github.com [...] port 443
After this, your normal GitHub SSH commands still work as usual:
git clone git@github.com:username/repo_name.git