Some intro
- GitHub do provide option to use SSH to connect and do many things same as using the standard CLI.
- And there are some functionalities offered by using SSH that make life easier, for example no need for token to pull your branch.
- This is how to change your repo connection to use SSH. This is done in linux ubuntu OS.
Setting Up SSH keys and Permission
- For this, you can use existing user or create a new user specifically for deployment/pull/push through SSH.
cd ~
# create .ssh folder inside user home directory
mkdir .ssh
# generate key private and public (.pub) using ssh-keygen, and give name like "github_dev".
# Optional, dont assign passphrase if you want to use it for CLI.
ssh-keygen -t ed25519-sk -C "your_email@example.com"
# check ssh agent running
eval $(ssh-agent -s)
# register only private key (no .pub) generated to ssh agent
ssh-add ~/.ssh/<private_key_file>
- for secure linux and current user to read private key to execute GitHub CLI, update the permission for access.
# change permission key file for read-only
cd ~/.ssh
chmod 644 <private_key>
sudo chgrp <username> <private_key>
# change permission to folder .ssh
cd ~
chmod 700 .ssh
sudo chgrp <username> .ssh
- you also can directly define any SSH connection to GitHub to use the private key generated by creating 'config' file
# config connection using ssh and correct key file
nano .ssh/config
# paste the following into the 'config' file
Host github.com
Hostname ssh.github.com
Port 443
User git
IdentityFile ~/.ssh/<private_key> #generated private key location
Register public key generated to GitHub account.
- Go to intended GitHub account setting to register this public SSH key.
- Give any name you want.
Check Signature Github.
- use the command below to cross check signature of the ssh agent is the same as displayed by GitHub
ssh-add -l -E sha256
Testing GitHub SSH Connection
- test successful connection through SSH to GitHub by:
# testing connection to github
ssh -T git@github.com
# testing with more details for troubleshooting
ssh -vT git@github.com
Update Repository Remote URL
- After successful connection through SSH, change current local repository remote to use SSH
- usually the remote url is like this:
# Check connection profile setup
git remote -v
# result
# origin https://github.com/****.git (fetch)
# origin https://github.com/****.git (push)
- you can either update original 'origin' or add new one like 'myssh'
- the address can be refer back here:
# add ssh connection profile 'myssh'
git remote add myssh ssh://git@****.git
# result
# origin https://github.com/****.git (fetch)
# origin https://github.com/****.git (push)
# myssh git@github.com:****.git (fetch)
# myssh git@github.com:****.git (push)
# update existing connection profile 'origin' to use SSH
git remote set-url origin git@github.com:****.git
# result
# origin git@github.com:****.git (fetch)
# origin git@github.com:****.git (push)
# update back to use HTTP
git remote set-url origin https://github.com/****.git
- example using GitHub CLI through SSH connection profile different than default 'origin'
# using 'myssh' connection profile
git checkout myssh/<branch name> -b <new branch name>
User Connection Issue
- There will be an issue sometimes with linux system user especially when using 'sudo'. In this case, the one executing CLI is not the current user but by the 'root' system user.
- In this case, to maintain user profile, use '-E' flag:
sudo -E git fetch
Bash Script
- Example a bash script to pull the 'develop' branch.
- The ssh-agent may need to be started again in linux.
#!/bin/bash
# start ssh-agent and register back private key
eval $(ssh-agent -s)
ssh-add ~/.ssh/<private_key_file>
# Go to project epo
cd /var/www/<local repository directory>
# Checkout 'develop' branch
git checkout develop
# Update connection profile
# git remote set-url origin git@github.com:*****.git
# Pull latest changes
git pull
# Checkout by latest tag
# git fetch --tags
# tag=$(git describe --tags `git rev-list --tags --max-count=1`)
# echo $tag
# git checkout $tag -b latest
# Set back to HTTP
# git remote set-url origin https://github.com/*****.git
#
# Additional steps
#
echo Done
Top comments (0)