Skip to content

Instantly share code, notes, and snippets.

@brennanMKE
Last active December 23, 2024 14:54
Show Gist options
  • Save brennanMKE/8e09593ca4064deab59da807077d8f53 to your computer and use it in GitHub Desktop.
Save brennanMKE/8e09593ca4064deab59da807077d8f53 to your computer and use it in GitHub Desktop.
Create SSH Key on Mac for Xcode

Create SSH Key on Mac for Xcode

The docs for GitHub show a command to create a key with the ed25519 encryption method which is not allowed by Xcode. Even if you are not using the Source Control features in Xcode you will often need to use an account with GitHub when you are consuming Swift packages which are pulled from GitHub.

For SSH keys there are 4 algorithms.

  • 🚨 DSA: This is an older algorithm which is no longer supported and is superceded with more modern algorithms.
  • ⚠️ RSA: This algorithm was an improvement but it is now outdated and a more modern method should be used.
  • 👀 ECDSA: Another improvement which is dependent on your computer's ability to generate random numbers.
  • ✅ Ed25519: The most recommended public-key algorithm today which you should use with GitHub.

(Source)

Instead of the command shown in the docs, use ecdsa which Xcode will accept. It can be done with the command below which will create a new key in a file named id_github using the ed25519 algorithm. Use your own email for this key. If you already have a key you could move it into another folder or delete it as you won't be using it anymore.

ssh-keygen -o -a 100 -t ecdsa -f ~/.ssh/id_github -C "YOUR_EMAIL@ACME.COM"

Using id_github for the name to makes it easier to identify the purpose for this key. Once the key is created run the ssh-agent.

eval "$(ssh-agent -s)"

Add the key to the Keychain with this command.

ssh-add --apple-use-keychain ~/.ssh/id_github

Once your new key is ready follow these steps to use it.

  1. Go to Settings on GitHub then to SSH and GPG keys
  2. Remove any keys you won't be using anymore
  3. Copy the contents of your new public key with this command: pbcopy < ~/.ssh/id_github.pub
  4. Add the new key by pasting it in and use a unique label to identify it
  5. Go to Developer Settings then Personal Access Tokens
  6. Delete any unused tokens
  7. Add a new token with an expiration and copy the token
  8. Open Xcode then Preferences
  9. Go to accounts and remove the GitHub account
  10. Add back a GitHub account with your username and the token that was just copied
  11. Select id_github as the SSH key
  12. See that Xcode accepts the new key and checks it with GitHub
  13. Open the Keychain app and search each keychain for id_github
  14. Remove any old keys which will no longer be valid

Once these steps are completed you will be able to use Xcode with GitHub.


@Claes34
Copy link

Claes34 commented Mar 16, 2022

Thank you ! Have had trouble all day, getting an error from github in Xcode when trying to fetch private dependencies with SPM. Creating an ECDSA key and using it in Xcode was the solution. RSA key wouldn't work anymore since this morning and Ed25519 was not supported by my version of Xcode.

@jgale
Copy link

jgale commented Mar 16, 2022

@brennanMKE I was following these steps and they didn't work. Finally I figured it out. Your ssh-keygen command says to use ed25519 but the text says to use ecdsa. Thanks for writing this up, I have it working with ecdsa now.

@vale-cocoa
Copy link

👌

@antranapp
Copy link

Correct ssh-keygen command

ssh-keygen -o -a 100 -t ecdsa -f ~/.ssh/id_github -C "YOUR_EMAIL@ACME.COM"

@vale-cocoa
Copy link

Correct ssh-keygen command

ssh-keygen -o -a 100 -t ecdsa -f ~/.ssh/id_github -C "YOUR_EMAIL@ACME.COM"

ed25519 worked fine for me.

@Faydee1220
Copy link

Faydee1220 commented Mar 23, 2022

@antranapp

Correct ssh-keygen command

ssh-keygen -o -a 100 -t ecdsa -f ~/.ssh/id_github -C "YOUR_EMAIL@ACME.COM"

ecdsa works for me. Thanks.

Xcode 13.3
Mac OS 12.3 (M1 Pro)

@brennanMKE
Copy link
Author

OS version appears to change which command to use but I cannot say which one to use. Run man ssh-keygen to see options for type with the -t switch.

@brennanMKE
Copy link
Author

Correct ssh-keygen command

ssh-keygen -o -a 100 -t ecdsa -f ~/.ssh/id_github -C "YOUR_EMAIL@ACME.COM"

👍

@DanielZanchi
Copy link

What if I want to share a repo via SSH but not all the account? From step 5 the other person I am sharing the repo with would not have to login with my username

@mkilmerr
Copy link

mkilmerr commented Jul 8, 2022

Thank you very much!!!! You saved my day dude 🤟🏾🤟🏾🤟🏾

@goldfishsound
Copy link

Thank you! This was incredibly hard to figure out. I couldn't find the ecdsa format listed on Git's docs.

@ThePredators
Copy link

tried to add to keychain the ssh key generated, but got error :

ssh-add --apple-use-keychain ~/.ssh/id_bitbucket                                                                                                                        ─╯
ssh-add: illegal option -- -
usage: ssh-add [-cDdKkLlqvXx] [-E fingerprint_hash] [-H hostkey_file]
               [-h destination_constraint] [-S provider] [-t life]
               [file ...]
       ssh-add -s pkcs11
       ssh-add -e pkcs11
       ssh-add -T pubkey ...

@UADanielStorm
Copy link

Xcode 13.3 resolved this issue: https://developer.apple.com/documentation/xcode-release-notes/xcode-13_3-release-notes#Source-Control

Xcode now supports using ED25519 public key signatures to perform git operations. You can select an existing ED25519 key from the Accounts tab in Xcode Preferences. (88897990)

@ekieffer-3
Copy link

ekieffer-3 commented May 2, 2023

tried to add to keychain the ssh key generated, but got error :

ssh-add --apple-use-keychain ~/.ssh/id_bitbucket                                                                                                                        ─╯
ssh-add: illegal option -- -
usage: ssh-add [-cDdKkLlqvXx] [-E fingerprint_hash] [-H hostkey_file]
               [-h destination_constraint] [-S provider] [-t life]
               [file ...]
       ssh-add -s pkcs11
       ssh-add -e pkcs11
       ssh-add -T pubkey ...

@ThePredators - see: https://github.com/github/docs/blob/main/content/authentication/troubleshooting-ssh/error-ssh-add-illegal-option----apple-use-keychain.md and use /usr/bin/ssh-add --apple-use-keychain ~/.ssh/<key> instead.

@orionfly
Copy link

Thanks so much! That was so easy with your explanation 🫶 🙏

@isturiz
Copy link

isturiz commented Jul 8, 2023

Thank you! That worked perfectly

@toheeb-orelope
Copy link

Thank you for this great help. After that what is the process to push the project to the repository through Xcode.

@ramjeetm
Copy link

Hi Everyone,

I have facing the below issue while configuring the privateKey in my application, can someone please help me I am frustrated last 1 week to resole it please help someone

org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'healthContributorRegistry' defined in class path resource [org/springframework/boot/actuate/autoconfigure/health/HealthEndpointConfiguration.class]: Unsatisfied dependency expressed through method 'healthContributorRegistry' parameter 2: Error creating bean with name 'configServerHealthIndicator' defined in class path resource [org/springframework/cloud/config/server/config/EnvironmentRepositoryConfiguration$ConfigServerActuatorConfiguration.class]: Unsatisfied dependency expressed through method 'configServerHealthIndicator' parameter 0: Error creating bean with name 'searchPathCompositeEnvironmentRepository' defined in class path resource [org/springframework/cloud/config/server/config/CompositeConfiguration.class]: Unsatisfied dependency expressed through method 'searchPathCompositeEnvironmentRepository' parameter 0: Error creating bean with name 'defaultEnvironmentRepository' defined in class path resource [org/springframework/cloud/config/server/config/DefaultRepositoryConfiguration.class]: Unsatisfied dependency expressed through method 'defaultEnvironmentRepository' parameter 1: Error creating bean with name 'multipleJGitEnvironmentProperties': Could not bind properties to 'MultipleJGitEnvironmentProperties' : prefix=spring.cloud.config.server.git, ignoreInvalidFields=false, ignoreUnknownFields=true
2024-12-18T13:35:53.269Z INFO 1 --- [ main] o.apache.catalina.core.StandardService : Stopping service [Tomcat]
2024-12-18T13:35:53.440Z INFO 1 --- [ main] .s.b.a.l.ConditionEvaluationReportLogger :

Error starting ApplicationContext. To display the condition evaluation report re-run your application with 'debug' enabled.
2024-12-18T13:35:53.458Z ERROR 1 --- [ main] o.s.b.d.LoggingFailureAnalysisReporter :


APPLICATION FAILED TO START


Description:

Binding to target org.springframework.boot.context.properties.bind.BindException: Failed to bind properties under 'spring.cloud.config.server.git' to org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties failed:

**Reason: Property 'spring.cloud.config.server.git.privateKey' is not a valid private key**

Action:

Update your application's configuration

  1. generated the private key using the below command

    ssh-keygen -o -a 100 -t ecdsa -f ~/.ssh/id_github -C "xxx@test.com"
    ssh-keygen -t rsa -b 4096 -f ~/.ssh/id_rsa -C "xxx@test.com"

  2. Added the SSH key to gitgub

  3. added private key in the Environment Variable

Please some save me
Thank You

@ramjeetm
Copy link

I am using a mac machine

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment