Skip to content

Embed URL

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Multiple SSH keys for different github accounts

Multiple SSH Keys settings for different github account

create different public key

create different ssh key according the article Mac Set-Up Git

$ ssh-keygen -t rsa -C "your_email@youremail.com"

Please refer to github ssh issues for common problems.

for example, 2 keys created at:

~/.ssh/id_rsa_activehacker
~/.ssh/id_rsa_jexchan

then, add these two keys as following

$ ssh-add ~/.ssh/id_rsa_activehacker
$ ssh-add ~/.ssh/id_rsa_jexchan

you can delete all cached keys before

$ ssh-add -D

finally, you can check your saved keys

$ ssh-add -l

Modify the ssh config

$ cd ~/.ssh/
$ touch config
$ subl -a config

Then added

#activehacker account
Host github.com-activehacker
    HostName github.com
    User git
    IdentityFile ~/.ssh/id_rsa_activehacker

#jexchan account
Host github.com-jexchan
    HostName github.com
    User git
    IdentityFile ~/.ssh/id_rsa_jexchan

Clone you repo and modify your Git config

clone your repo git clone git@github.com:activehacker/gfs.git gfs_jexchan

cd gfs_jexchan and modify git config

$ git config user.name "jexchan"
$ git config user.email "jexchan@gmail.com" 

$ git config user.name "activehacker"
$ git config user.email "jexlab@gmail.com" 

or you can have global git config $ git config --global user.name "jexchan" $ git config --global user.email "jexchan@gmail.com"

then use normal flow to push your code

$ git add .
$ git commit -m "your comments"
$ git push

Another related article in Chinese

  1. http://4simple.github.com/docs/multipleSSHkeys/
@oleweidner

I had to change the [remote "origin"] / url field in my local .git/config to use the Host defined in .ssh/config in order for this to work, i.e.,

[remote "origin"]
        url = git@github.com-activehacker:activehacker/gfs.git

Without that modification, git would just try to use my default ssh key.

@sdeverly

Had to do the same to get it working.

@elkuku

Me too :wink:

@jsh2134

Me as well.

@straticsryan

Instead of having to change the remote origin in the config after cloning, you can just use that custom Host variable on the git clone command instead.

@jmpnot

e.g.

git clone git@github.com-activehacker:activehacker/gfs.git gfs_jexchan
________________________^

as oppose to:

git clone git@github.com:activehacker/gfs.git gfs_jexchan

that's the ticket!

@malleor

Thanks!

To make it work with Gists, I needed to add another entry in ~/.ssh/config:

Host gist.github.com
  ...
@sgryschuk

If your ssh keys don't all show up with
ssh-add -l
you have to run
ssh-add ~/.ssh/yourkey.rsa

@mukeshagarwal

thanks, worked like a charm

@ghost
Unknown commented

but how it can works with "rake deploy" when I deploy my octopress blog? The mapping ssh-key seems no effect....

@nosir

thanks, would be better if it could be changed as @jmpnot mentioned.

@ptheofan

when trying to pull through a php script via exec it would not use the key automatically though it was the correct user configured (my user). Going through the ssh config file just saved the day! :D

@muhammedbasilsk

ssh config +
updated clone url

Working great... :-) Thanks alot...

@noonat

I was having an issue with SSH using the wrong key, depending on which order I accessed repositories. Turns out it will try all the keys loaded into ssh-agent in order, and IdentityFile only adds to the end of that list.

You can add IdentitiesOnly yes the SSH config block to force it to only use the IdentityFile you specified.

@avendael

I was also having issues with SSH using the wrong key even after following the advice of most who have encountered the same issue. In my case, I have a globally enabled ControlMaster in my ssh config. Removing the global ControlMaster config and deleting the github ssh socket (which in my case, is stored in /tmp as ssh_hostname.com_user as specified by my ControlPath config) fixed the issue for me. I can still use ControlMaster in other hosts by adding a ControlMaster auto line in that host's block.

@polykiln

How do you do this with https urls though?

@tejaskanani

Thanks Jexchan. It helped and working as expected.

@1Rhino

Thank you. It worked fine.

@RBeek

What exactly is the rule for setting up "Host" in the config file
Is it always github.com-[accountname] or can it be anything, because I set it to the shortname of my repository. Everything works, but it is not quit clear what needs to be set there.

@ignasne

Tnx it helps a lot!

@ashanbrown

Thanks for the tips. Might help to add the following to the instructions:

git remote set-url origin git@<host-in-ssh-config>:<username>/<repo>

This is the same as editing your .git/config file.

@greenlaw110

Same question: How do you do this with https urls though?

@gholadr

Thanks for the help!!!

@1ambda

Awsome!!!!!!!!

@wmyers

Thanks worked a treat. The following worked for me:
git clone git@github.com-sshID:myGitHubAccount/myRepo.git

@nikolasc

I forked @RichardBronosky (by mistake :) ) and changed the Host and User settings in ~/.ssh/config (User <account username>) which enables one to actually use multiple accounts, on the local machine, with SSH access.

I borrowed one of my friend's laptops, and created a github account. It took a while to figure out why I kept getting kicked off github 'as user ' - he hadn't created a new user for me on the laptop, so I was accessing with his username set in ~/.gitconfig and used with SSH. So the above, along with my ssh config changes, was the best way to get around the issue without wrecking his setup.

@zhangcheng

I just found out another way no need to deal with multiple SSH keys: use gitcredentials's useHttpPath option

[credential]
    helper = osxkeychain
    useHttpPath = true

English see http://www.davidhayden.org/blog/multiple-github-accounts-git-credential-osxkeychain
Chinese see http://jianshu.io/p/ef394ef6df95

@plato-cambrian

On Windows 7, I want to manage multiple github users with passphrase-protected ssh keys.

I sorted my ~.ssh/config file to use different keys for different repo domains as described above (I previously documented the steps on mint/ubuntu.)

However, I don't want to type my passphrase every time, and I don't want to use ssh-agent.

Here's how I set up Pageant to ask for and remember my passphrase on Windows login:

  • Download the Putty Tools package
  • Win+R to open run dialog
  • shell:startup to open the auto start folder in windows explorer
  • Navigate to your Pageant folder in a separate Explorer window
  • Right click and drag PAGEANT.EXE to the Startup folder. Choose Create Shortcut
  • Right click the shortcut, properties, Shortcut tab
  • Find the path to your .ppk encoded keypair
    • generate one with PUTTYGEN.EXE if you need a new one
    • convert one with PUTTYGEN.EXE if you have a linux id_rsa file but no .ppk
    • win7+ : shift right click your key in Explorer, Copy as path
  • Append the key path to the C:\whatever\PAGEANT.EXE line
    • e.g: "Target: C:\putty\PAGEANT.EXE plato_cambrian.ppk plato.ppk"
    • If your keys aren't adjacent to PAGEANT you can use absolute paths or change "Start in:" which is Pageant's CWD
  • Open the shortcut or reboot, and type your passphrases
@frostwire

Let's say alice is a github.com user, with 2 or more private repositories repoN.
For this example we'll work with just two repositories named repo1 and repo2

https://github.com/alice/repo1

https://github.com/alice/repo2

You need to be to pull from these repositories without entering a passwords probably on a server, or on multiple servers.
You want to perform git pull origin master for example, and you want this to happen without asking for a password.

You don't like dealing with ssh-agent, you have discovered (or you're discovering now) about ~/.ssh/config a file that let's your ssh client know what private key to use depending on Hostname and username, with a simple configuration entry that looks like this:

Host github.com
  HostName github.com
  User git
  IdentityFile /home/alice/.ssh/alice_github.id_rsa
  IdentitiesOnly yes

So you went ahead and created your (alice_github.id_rsa, alice_github.id_rsa.pub) keypair, you then also went to your repository's .git/config file and you modified the url of your remote origin to be something like this:

[remote "origin"]
        url = "ssh://git@github.com/alice/repo1.git"

And finally you went to the repository Settings > Deploy keys section and added the contents of alice_github.id_rsa.pub

At this point you could do your git pull origin master without entering a password without issue.

but what about the second repository?

So your instinct will be to grab that key and add it to repo2's Deploy keys, but github.com will error out and tell you that the key is already being used.

Now you go and generate another key (using ssh-keygen -t rsa -C "alice@alice.com" without passwords of course), and so that this doesn't become a mess, you will now name your keys like this:

  • repo1 keypair: (repo1.alice_github.id_rsa, repo1.alice_github.id_rsa.pub)
  • repo2 keypair: (repo2.alice_github.id_rsa, repo2.alice_github.id_rsa.pub)

You will now put the new public key on repo2's Deploy keys configuration at github.com, but now you have an ssh problem to deal with.

How can ssh tell which key to use if the repositories are hosted on the same github.com domain?

Your .ssh/config file points to github.com and it doesn't know which key to use when it's time to do the pull.

So I found a trick with github.com. You can tell your ssh client that each repository lives in a different github.com subdomain, in these cases, they will be repo1.github.com and repo2.github.com

So first thing is editing the .git/config files on your repo clones, so they look like this instead:

For repo1

[remote "origin"]
        url = "ssh://git@repo1.github.com/alice/repo1.git"

For repo2

[remote "origin"]
        url = "ssh://git@repo2.github.com/alice/repo2.git"

And then, on your .ssh/config file, now you will be able to enter a configuration for each subdomain :)

Host repo1.github.com
  HostName github.com
  User git
  IdentityFile /home/alice/.ssh/repo1.alice_github.id_rsa
  IdentitiesOnly yes

Host repo2.github.com
  HostName github.com
  User git
  IdentityFile /home/alice/.ssh/repo2.alice_github.id_rsa
  IdentitiesOnly yes

Now you are able to git pull origin master without entering any passwords from both repositories.

If you have multiple machines, you could copy the keys to each of the machines and reuse them, but I'd advise doing the leg work to generate 1 key per machine and repo. You will have a lot more keys to handle, but you will be less vulnerable if one gets compromised.

@burningTyger

Let me add that it is not enough to have

Host repo1.github.com
  HostName github.com
  User git
  IdentityFile /home/alice/.ssh/repo1.alice_github.id_rsa
  IdentitiesOnly yes

 Host github.com
   HostName github.com
   User git
   IdentityFile /home/alice/.ssh/repo2.alice_github.id_rsa
   IdentitiesOnly yes

In this case the repo1 block will point to the second github.com block because the repo1 block says HostName github.com which will redirect from first to second block.

Took me a while to figure out just how smart ssh is :smile:

@brentsony

@burningTyger The HostNames can be identical - it is the 'Host' that must differ. What may work best is to use "repo2.github.com", instead of that second "github.com". Then clone with git clone git@repo2.github.com:GitHubUserName/RepoName.git

@elpd

Thank you. Worked as expected.

@pajtai

thank you @oleweidner for the tip on changing the git config!

@dbolser

Thanks dudels.

@apiraino

Thanks for the guide, helped me solve this very issue. I need a public keys for each of my GitHub repos.

go figure....

@lazurey

Thank you Xianjun!!!
Your answer is the first one when I searched this problem on google. :smile:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.