Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Multiple SSH keys for different github accounts

Multiple SSH Keys settings for different github account

create different public key

create different ssh key according the article Mac Set-Up Git

$ ssh-keygen -t rsa -C "your_email@youremail.com"

Please refer to github ssh issues for common problems.

for example, 2 keys created at:

~/.ssh/id_rsa_activehacker
~/.ssh/id_rsa_jexchan

then, add these two keys as following

$ ssh-add ~/.ssh/id_rsa_activehacker
$ ssh-add ~/.ssh/id_rsa_jexchan

you can delete all cached keys before

$ ssh-add -D

finally, you can check your saved keys

$ ssh-add -l

Modify the ssh config

$ cd ~/.ssh/
$ touch config
$ subl -a config

Then added

#activehacker account
Host github.com-activehacker
	HostName github.com
	User git
	IdentityFile ~/.ssh/id_rsa_activehacker

#jexchan account
Host github.com-jexchan
	HostName github.com
	User git
	IdentityFile ~/.ssh/id_rsa_jexchan

Clone you repo and modify your Git config

clone your repo git clone git@github.com:activehacker/gfs.git gfs_jexchan

cd gfs_jexchan and modify git config

$ git config user.name "jexchan"
$ git config user.email "jexchan@gmail.com" 

$ git config user.name "activehacker"
$ git config user.email "jexlab@gmail.com" 

or you can have global git config $ git config --global user.name "jexchan" $ git config --global user.email "jexchan@gmail.com"

then use normal flow to push your code

$ git add .
$ git commit -m "your comments"
$ git push

Another related article in Chinese

  1. http://4simple.github.com/docs/multipleSSHkeys/
@serg06
Copy link

serg06 commented Aug 6, 2021

This looks like it would work great with Git profiles!

@noahgary
Copy link

noahgary commented Aug 6, 2021

@serg06 Very nice!! I'll try this and see how it works. Seems like a much better way to organize things.

@sudhanshugupta-cpi
Copy link

sudhanshugupta-cpi commented Aug 22, 2021

I had to change the [remote "origin"] / url field in my local .git/config to use the Host defined in .ssh/config in order for this to work, i.e.,

[remote "origin"]
        url = git@github.com-activehacker:activehacker/gfs.git

Without that modification, git would just try to use my default ssh key.

Thanks @oleweidner!! from the year 2021...your comment/answer back in 2012 helped me in 2021 !!! Was struggling to fix my stuff for 2 days...luckily I hit your answer...

@RajendraMallina
Copy link

RajendraMallina commented Sep 23, 2021

e.g.

git clone git@github.com-activehacker:activehacker/gfs.git gfs_jexchan
________________________^

as oppose to:

git clone git@github.com:activehacker/gfs.git gfs_jexchan

that's the ticket!

Thanks man you saved my day

@Anonymous5726221
Copy link

Anonymous5726221 commented Oct 8, 2021

I am still having issues, with this. In my ~/.ssh/config I have a catch-all block at the end with default options and fallback keys

Host github.com-Anonymous5726221
  HostName github.com
  User git
  IdentityFile ~/.ssh/id_ed25519_Anonymous_5726221

Host * 
  IdentityFile ~/.ssh/id_ed25519
  IdentityFile ~/.ssh/id_ed25519_Anonymous_5726221
  IdentitiesOnly=yes
  PreferredAuthentications=publickey,gssapi-keyex,gssapi-with-mic,password
  AddressFamily inet
  Protocol 2
  Compression yes

I ran git push and I can see in ssh debug it's matching the Host rule correctly but it still tried the Host * first with my personnal key first. If I comment out the 2 IdentityFile in Host * when it works as intended.

Any idea?

@sla-te
Copy link

sla-te commented Oct 13, 2021

Does anyone know how to make git+ssh://git@github.com/myorganisation/myrepo.git work with this configuration?

@tw-yshuang
Copy link

tw-yshuang commented Dec 14, 2021

I create a CLI command to handle this!
Checkout my repo~~
This repo uses ssh-agent to switch your ssh account.

Git_SSH-Account_Switch

A CLI tool can switch an ssh account to your current shell. You will easily switch to your git account & ssh key when using the server, and using your account to manipulate the project on the server.

Installation

$ bash ./setup.sh

it will add some code in your profile & $logout_profile, and setup git-acc & .gitacc on the $HOME.
file:

git-acc.sh -> $HOME/.git-acc, git-acc function.
.gitacc -> $HOME/.gitacc, save info. that regist on git-acc.

Control

        +---------------+
        |    git-acc    |
        +---------------+

SYNOPSIS

  git-acc [account]|[option]

OPTIONS

  [account]               use which accounts on this shell, type the account name that you register.
  -h, --help              print help information.
  -add, --add_account     build git_account info. & ssh-key.
      -t, --type          ssh-key types, follow `ssh-keygen` rule, 
                          types: dsa | ecdsa | ecdsa-sk | ed25519 | ed25519-sk | rsa(default)
  -rm, --remove_account   remove git_account info. & ssh-key from this device
  -out, --logout          logout your current ssh-acc.


EXAMPLES

  $ git-acc tw-yshuang

@peterblockman
Copy link

peterblockman commented Jan 11, 2022

@airtonix
Copy link

airtonix commented Jan 17, 2022

just use the includeif rule of your gitconfig ... messing with hostnames or cli switcher malarky just leads to complication and non portable setups.

@arcsector
Copy link

arcsector commented Feb 9, 2022

For everyone in here who doesn't want to use unique identifiers, just use the Hostname as the Host:

Host github.com
    HostName github.com
    User git
    IdentityFile ...

Now you don't have to remember to change your SSH identifier and you can just copy the "git@github.com..." address from your clone instructions.

@gamesover
Copy link

gamesover commented Feb 23, 2022

@arcsector will below work for multiple accounts?

Host github.com
    HostName github.com
    User git
    IdentityFile ~/.ssh/id_rsa_id1

Host github.com
    HostName github.com
    User git
    IdentityFile ~/.ssh/id_rsa_id2

@jaanhio
Copy link

jaanhio commented Feb 27, 2022

@gamesover i tried that config too. what happens is, ssh will be able to identify both configuration but only uses the first matching one. so if one of your git command requires id_rsa_id2, the operation will be unsuccessful.

@gamesover
Copy link

gamesover commented Feb 27, 2022

@jaanhio thanks very much for your updates.
True. I found the same issue.
So far, I did not find a perfect solution yet.

Each time, I have to check ssh-add -l to delete unneeded keys and reserve the key needed.

For example, if I need id_rsa_id2, then I will do the below

ssh-add -d ~/.ssh/id_rsa_id1
ssh-add ~/.ssh/id_rsa_id2

To be frank, I guess when initially ssh was designed, they never thought there are a senario that diff acount needs diff keys for the same site.

Previously, github allows the same key was added to diff accounts, so no such issue.
Now, one key can only be used once in the whole github for diff accounts.
So we have such troubles now.

@tomfast
Copy link

tomfast commented Mar 25, 2022

Thanks @jexchan and @mixua. The combination of your answers worked great for me.

@mohlatif227
Copy link

mohlatif227 commented Mar 27, 2022

I'm sharing mine .ssh/config file, hope it helps someone(working fine on MacOS BigSur)

image

Then you have to add your private key ssh agent as below:
ssh-add -K ~/.ssh/work

ssh-add -K ~/.ssh/altif
In final step, you can confirm the connection using below command and get below output if everything setup correctly.

MAltif1M-BNG1:~ Mohammad.Altif$ ssh -T work

Hi <github_username>! You've successfully authenticated, but GitHub does not provide shell access.

MAltif1M-BNG1:~ Mohammad.Altif$ ssh -T altif

Hi <github_username>! You've successfully authenticated, but GitHub does not provide shell access.

@dylb0t
Copy link

dylb0t commented Apr 6, 2022

If your ssh keys don't all show up with
ssh-add -l
you have to run
ssh-add ~/.ssh/yourkey.rsa

7 years later, your reply is still saving lives. My Salute!

+1

@diaojiulishifei
Copy link

diaojiulishifei commented May 3, 2022

From OP's, modified according to @oleweidner @jmpnot you two's, and now it works. Thank y'all!

@maazu
Copy link

maazu commented May 4, 2022

Anyone who is having a problem like in which I followed the instruction on mac, for some reason when I was attempting to push into the repo from my second account, git was using my first account and I was getting permission denied error, after spending few hours this answer finally helped me https://stackoverflow.com/a/12438179/12702093.

@HughAJWood
Copy link

HughAJWood commented May 26, 2022

You can add this to an existing repo by doing the following:
git config --get remote.origin.url

Which will give you something like:

git@github.com:HughAJWood/repo

Copy and modify the resulting url as so:

git@github.com-<sshId>:HughAJWood/repo
ie
git@github.com-hugh:HughAJWood/repo

This should match the id in the .ssh/config file

# Personal account - the default config
Host github.com-hugh
   HostName github.com
   User git
   IdentityFile ~/.ssh/personal_private_key

@kishore-s-15
Copy link

kishore-s-15 commented Jun 6, 2022

I had to change the [remote "origin"] / url field in my local .git/config to use the Host defined in .ssh/config in order for this to work, i.e.,

[remote "origin"]
        url = git@github.com-activehacker:activehacker/gfs.git

Without that modification, git would just try to use my default ssh key.

Thanks @oleweidner

Yeah, Even I had to make this change to get it working.

@iamtodor
Copy link

iamtodor commented Jul 24, 2022

every time I want to interact with a second git account I need to explicitly provide a path to keys: like GIT_SSH_COMMAND="ssh -i ~/.ssh/personal" git push origin master

@danmash
Copy link

danmash commented Aug 13, 2022

I had to remove the wildcard Host * section from the .ssh/config file

@danmash
Copy link

danmash commented Aug 13, 2022

Below are the ~/.gitconfig aliases which could clone with specific github.com replacement and change remote origin URL of existing repo

[alias]
  clc = "!f(){ git clone `sed 's/github.com/github.com-work/g' <<< \"$1\"`;};f"
  Cld = "!f(){ git clone `sed 's/github.com/github.com-default/g' <<< \"$1\"`;};f"
  urlc = "!f(){ git config remote.origin.url `git config remote.origin.url | sed 's/github.com/github.com-work/g'`;};f"
  urld = "!f(){ git config remote.origin.url `git config remote.origin.url | sed 's/github.com/github.com-default/g'`;};f"

use it like git cld github.com/repo to clone repo and replace github.com host to github.com-default automatically

@soumyadeep589
Copy link

soumyadeep589 commented Aug 17, 2022

I had to change the [remote "origin"] / url field in my local .git/config to use the Host defined in .ssh/config in order for this to work, i.e.,

[remote "origin"]
        url = git@github.com-activehacker:activehacker/gfs.git

Without that modification, git would just try to use my default ssh key.

Thanks!!! working perfectly.

@troccoli
Copy link

troccoli commented Sep 1, 2022

This instructions are great, however for people like me who had a general host configured in .shh/config, you need to make it not generic.

My old .shh/config was:

Host *
  AddKeysToAgent yes
  IdentityFile ~/.ssh/id_ed25519

Following the instructions above I ended up with:

Host github.troccoli
  HostName github.com
  User git
  IdentityFile ~/.ssh/troccoli
Host *
  AddKeysToAgent yes
  IdentityFile ~/.ssh/id_ed25519

But when pushing to my personal repository I had the following error:

ERROR: Permission to troccoli/tubecrush.git denied to CLL-GTA.
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

Where CLL-GTA is my work git account.

The solution was to make the general host not general any more:

Host github.troccoli
  HostName github.com
  User git
  IdentityFile ~/.ssh/troccoli
Host work
  HostName github.com:****
  AddKeysToAgent yes
  IdentityFile ~/.ssh/id_ed25519

The **** is actually my company account on GitHub. To find it, I just looked in the .git/config file in any of the repositories I cloned for work.

I hope this helps.

@Ronghaozhang
Copy link

Ronghaozhang commented Sep 3, 2022

According to ssh documentation, we need set a appropriate value for User in the config file.
git clone git@github.com:githubAccountName/repoName.git

config file:

Host github.com
   HostName github.com
   IdentityFile ~/.ssh/id_rsa_personal
   User githubAccountName

@keikoro
Copy link

keikoro commented Sep 9, 2022

@Ronghaozhang This is incorrect. The User in the ssh config file is the user with which you connect to/log into the remote server, which is git by default. Compare with the Git URLs provided by platforms like GitHub, GitLab etc. for SSH access, e.g. git@github.com:github/docs.git. The part before the colon translates to user@hostname. See the man page for ssh for more details.

If you had tried out your suggestion before posting it, you would have known it doesn't work – GitHub will return a permission error if you try to connect with a user other than git.

Btw. the link you included needs to be reformatted. It doesn't point to where you wanted it to go, but only displays the address.

@matt2930
Copy link

matt2930 commented Sep 16, 2022

An update to this after spending too long on it. My scenario was that I had originally set up my ssh config like so:

Host github.com
  IdentityFile ~/.ssh/github
  IdentitiesOnly yes
  AddKeysToAgent yes

I had cloned tons of repos using this config, so I could not use the option of setting different hosts, because there were too many repos to update. What I needed to do was be able to push/pull for one repo using a different identity file, so I tried doing this in that one repo:
git config core.sshCommand "ssh -i ~/.ssh/matt2930-github -o 'IdentitiesOnly=yes'"

But what happened was no matter what, it was still using the identity file I had defined in my ~/.ssh/config. What saved me was adding -F /dev/null to my ssh command:
git config core.sshCommand "ssh -i ~/.ssh/matt2930-github -o 'IdentitiesOnly=yes' -F /dev/null"

From man ssh:

 -F configfile
         Specifies an alternative per-user configuration file.  If a configuration file is given on the command line, the system-wide configuration file (/etc/ssh/ssh_config) will be ignored.  The default for the
         per-user configuration file is ~/.ssh/config.  If set to “none”, no configuration files will be read.

@Ronghaozhang
Copy link

Ronghaozhang commented Sep 20, 2022

@Ronghaozhang This is incorrect. The User in the ssh config file is the user with which you connect to/log into the remote server, which is git by default. Compare with the Git URLs provided by platforms like GitHub, GitLab etc. for SSH access, e.g. git@github.com:github/docs.git. The part before the colon translates to user@hostname. See the man page for ssh for more details.

If you had tried out your suggestion before posting it, you would have known it doesn't work – GitHub will return a permission error if you try to connect with a user other than git.

Btw. the link you included needs to be reformatted. It doesn't point to where you wanted it to go, but only displays the address.

Thanks for pointing out the link issue. Before saying it's doesn't work, I'm not sure you have tried my method, it's working perfectly on my laptop, for both my personal account and working account.

Also, this is the screenshot from Github documentation, it pointed out the part after the colon is the user.
image

Here the link: https://docs.github.com/en/get-started/getting-started-with-git/about-remote-repositories

@keikoro
Copy link

keikoro commented Sep 22, 2022

@Ronghaozhang The user on GitHub, which identifies a repository owner, has nothing to do with the user used for SSH, which is what you set when you provide a value for User in the ssh config. Again, see the man page for ssh to learn how ssh works.

GitHub even describes how to test your connection in their docs:
Testing your SSH connection
Error: Permission denied (publickey)

You will not not get a permission error when you provide an SSH user that is not git and test your connection as described.

The reason you think "it works" – by which I assume you mean fetching, pulling, pushing etc. – is likely that you continue to use the correct user git@ in your remote URLs, which overrides the User variable in the config file.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment