Configure SSH Keys for Your GitHub Account

ยท

3 min read

Do it before you need it

In my previous article, I wrote about GitHub's RSA SSH Host Key update. This shows that even enterprise companies that we depend on can have issues that may affect our daily lives.

Mistakes will happen in our profession and throughout the industry. Adapting a security-first mindset for production environments is important to help minimize potential issues in the future. SSH keys provide a secure way to authenticate and establish a secure connection between your local development machine and GitHub.

In this article, I will discuss how to install an SSH key on GitHub for your local developer environment. I will also explore the pros and cons of using SSH keys for your development environment.

Install SSH Key for GitHub

Prerequisites

Before we begin, make sure you have the following prerequisites:

  • A GitHub account

  • Git installed on your local machine

Step 1: Generate SSH Key

  1. Open your terminal.

  2. Run the following command to generate a new SSH key:

ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
  1. Press Return to accept the default file location and name for your SSH key.

    โ—
    NOTE: DO NOT skip the next step of generating a passphrase.
  2. Enter a passphrase for your SSH key. This step is important for adding another layer of security.

Step 2: Add SSH Key to SSH Agent

Start the SSH agent by running the following command:

eval "$(ssh-agent -s)"

Add your SSH private key to the SSH agent by running the following command:

ssh-add ~/.ssh/id_rsa

Step 3: Add SSH Key to GitHub

Copy your SSH public key to the clipboard by running the following command:

pbcopy < ~/.ssh/id_rsa.pub
  1. Go to your GitHub account settings.

  2. Click on "SSH and GPG keys" in the left sidebar.

  3. Click on "New SSH key" or "Add SSH key".

  4. Give your SSH key a title and paste the copied public key into the "Key" field.

  5. Click on "Add SSH key" to save.

Step 4: Test SSH Connection

  1. Test your SSH connection to GitHub by running the following command:
ssh -T git@github.com
  1. You should see a success message indicating that you've successfully authenticated.

SSH Keys: Pros and Cons

Pros

  1. Enhanced Security: SSH keys provide a more secure way of authentication compared to passwords. They use public-key cryptography, making it difficult for attackers to intercept and decrypt your credentials.

  2. Convenience: Once set up, SSH keys allow for seamless authentication without the need to enter passwords repeatedly.

  3. Automation: SSH keys can be used in automated scripts and workflows, enabling seamless integration with various tools and services.

  4. Multiple Accounts: SSH keys allow you to manage multiple GitHub accounts easily by associating different keys with different accounts.

Cons

  1. Initial Setup: Setting up SSH keys requires generating and managing key pairs, which can be a bit complex for beginners.

  2. Key Management: If your private key gets compromised, it can lead to unauthorized access. Therefore, it is crucial to protect your private key with a strong passphrase and follow best practices for key management.

  3. Limited Accessibility: SSH keys are tied to specific machines. If you need to access your GitHub account from a different machine, you'll need to generate and add a new SSH key.

Conclusion

Installing an SSH key for GitHub on your local developer environment provides a secure and convenient way to authenticate and interact with your repositories. While there are some complexities involved in the initial setup and key management, the enhanced security and automation benefits make SSH keys a necessary addition to any production development workflow.

ย