- Use a linux system.
- Install
git
sudo apt-get install git
- Installation of
git
should also installssh
andssh-keygen
- Generate an SSH key
ssh-keygen -t ed25519 -C "your_email@example.com"
- If on legacy system use
ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
-
semick@terra:~$ ssh-keygen -t ed25519 -C "sbeddall@gmail.com" Generating public/private ed25519 key pair. Enter file in which to save the key (/home/semick/.ssh/id_ed25519): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/semick/.ssh/id_ed25519 Your public key has been saved in /home/semick/.ssh/id_ed25519.pub The key fingerprint is: SHA256:VFEB7GL8Oho3Ej4nqsarZ5Lu0mNgotLVvV4lEdRqCOs sbeddall@gmail.com The key's randomart image is: +--[ED25519 256]--+ | o*=o. | | . .... | | +.o.. | | ..= +. | | o.oS+. . | |o. ..E.. .o | |+* . * +o. | |* X . B+o | |*Xo+. .o.. | +----[SHA256]-----+
- If on legacy system use
- Ensure SSH-agent is running
eval "$(ssh-agent -s)"
- See windows details below if necessary.
- Register your identity with the
ssh-agent
:ssh-add ~/.ssh/id_ed25519
(for the example above!)- Notice we specifically added the keyfile (without an extension) while ignoring the
.pub
for this operation. - Adding the key means that it won't prompt you for your passphrase every time a secure operation is invoked as well!
- Notice we specifically added the keyfile (without an extension) while ignoring the
- Dump the contents of the generated certificate pubkey using
cat ~/.ssh/id_ed25519.pub
- Copy those into the key section of
Github.com
->Settings
->SSH and GPG Keys
->New SSH Key
- Copy those into the key section of
- Start -> Type 'Services' and click on the Services App that appears.
- Find the OpenSSH Authentication Agent service in the list.
- Right-click on the OpenSSH Authentication Agent service, and choose 'Properties'.
- Change the Startup type: to Automatic.
- Click the Start button to change the service status to Running.
- Dismiss the dialog by clicking OK, and close the Services app.
...or you can use pwsh
in an admin
window:
Set-Service -Name ssh-agent -StartupType Automatic
Set-Service -Name ssh-agent -Status Running
You may need to start the agent. ssh-agent
. Expect it to KILL your running session with the vm, for some reason.
You need to be certain that the ssh that is used by git
is the same exe that is used to generate your key. If you're on a new machine, and simply install git
, you will likely have the correct associations.
However, if you're not certain, you can make it certain.
I believe this works on all platforms, but git
supports the environment variable GIT_SSH
. You can use which ssh
(in bash) or where ssh
(on windows cmd) to figure out which is going to be used by ssh-keygen
.
Further secure operations in the current session shouldn't prompt for passkey. If they DO, then the key hasn't been cached properly.
If you need the token to be usable with organizational security like Single Sign-On
, configure that from Github.com
-> Settings
-> SSH and GPG Keys
-> Configure SSO
drop down button next to each key.