Managing multiple Git hosts can be challenging, especially when using different GPG and SSH keys. This article will walk you through the process of generating SSH and GPG keys, adding SSH to the local SSH agent and both to the remote Git hosts, configuring multiple hosts to use different keys, and configuring the local Git to use multiple GPG keys for different Git hosts.
Generating SSH keys
If you have SSH keys already generated and added to your remote host and local SSH agent, you can skip and move to the next heading, otherwise, you can follow below to have the SSH setup:
-
Open a terminal and run the following command to generate a new SSH key:
ssh-keygen -t rsa -b 4096 -C "your_email@example.com" Follow the prompts to choose a location for the key file and to set a passphrase. The default options are usually sufficient.
-
Once the key is generated, run the following command to display the public key:
cat ~/.ssh/id_rsa.pub Copy the entire contents of the public key to your clipboard.
Adding SSH Key to the remote host
On the website of the code host, navigate to your account settings and find the option to add a new SSH key. Paste the public key into the input field and save the key.
Adding SSH key to the your SSH agent
-
Open a terminal and run the following command to start the SSH agent
eval "$(ssh-agent -s)" -
Add it to the agent
ssh-add ~/.ssh/id_rsa
You can repeat the above for the multiple Git hosts you deal with so each host has different SSH Key.
Auto configure the SSH Key per host
When working with multiple code hosts, such as GitHub, GitLab, and Bitbucket, it can be helpful to have a separate host entry for each host in your ~/.ssh/config file. This allows you to easily switch between hosts without having to remember different URLs or SSH keys.
Here's an example of how to set up multiple hosts in your ~/.ssh/config file:
Host github.com
HostName github.com
User git
IdentityFile ~/.ssh/github_rsa
Host gitlab.com
HostName gitlab.com
User git
IdentityFile ~/.ssh/gitlab_rsa
Host bitbucket.org
HostName bitbucket.org
User git
IdentityFile ~/.ssh/bitbucket_rsa
Generating the GPG Keys
If you have GPG keys already generated and added to your remote host, you can skip and move to the next heading, otherwise, you can follow below to have the GPG setup:
-
Open a terminal and run the following command to generate a new GPG key:
gpg --full-generate-key Follow the prompts to enter your name and email address.
Choose the key type and key size. The default options are usually sufficient.
Set the expiration date for your key. You can choose to set no expiration or a specific date.
Enter a passphrase for your key. This passphrase is required to use the key to sign commits.
-
Once the key is generated, run the following command to get the key ID
gpg --list-secret-keys --keyid-format LONG <your_email> -
In the output, identify the sec line, and copy the GPG key ID. It begins after the / character. In this example, the key ID is
4EC9DCE00DD4D021
sec rsa4096/4EC9DCE00DD4D021 2023-04-23 [SC] 0A96E925578EA97AD6B62FA54EC9DCE00DD4D021 uid [ultimate] User <user email> ssb rsa4096/BBF655FD113EEE28 2023-04-23 [E]
Adding GPG Key to the remote host
-
Open a terminal and run the following command to get your GPG public key
gpg --armor --export <your_key_id> On the website of the code host, navigate to your account settings and find the option to add a new GPG key.
Paste the public key into the input field and save the key.
Auto detect commit signing key
To make the process of signing the commits easier, you can configure your Git settings to use different keys for different hosts.
To do this, you can create multiple .gitconfig files and use the includeIf directive to specify the conditions under which each file should be used. For example, you can create a .gitconfig-work file for your work account and a .gitconfig-personal file for your personal account, and use the includeIf directive to specify that the .gitconfig-work file should be used for commits to your work repository and the .gitconfig-personal file should be used for commits to your personal repository. You can also configure each gitconfig file to use a different GPG key for signing commits.
includeIf is a configuration option in Git that allows you to include additional configuration files based on certain conditions. For example, you can include a specific configuration file based on the repository configuration you're working in.
Here's an example of how to set up multiple gitconfig files with includeIf:
- Create a separate gitconfig file for each signing key you want to use. For example,
~/.gitconfig-personaland~/.gitconfig-work. - In your main
~/.gitconfigfile, add the following
# ~/.gitconfig
[includeIf "hasconfig:remote.*.url:git@gitlab.com:**/**"]
path = .gitconfig-work
[includeIf "hasconfig:remote.*.url:https://gitlab.com/**"]
path = .gitconfig-work
[includeIf "hasconfig:remote.*.url:git@github.com:**/**"]
path = .gitconfig-personal
[includeIf "hasconfig:remote.*.url:https://github.com/**"]
path = .gitconfig-personal
# ~/.gitconfig-personal
[user]
name = <YOUR NAME>
email = <YOUR PERSONAL EMAIL>
signingkey = <GPG KEY ID FOR PERSONAL GPG>
[commit]
gpgsign = true
# ~/.gitconfig-work
[user]
name = <YOUR NAME>
email = <YOUR WORK EMAIL>
signingkey = <GPG KEY ID FOR WORK GPG>
[commit]
gpgsign = true
Conclusion
As a developer, working with multiple code hosts and signing your commits with multiple GPG keys can be challenging. However, by configuring your Git and SSH settings to use different keys for different hosts, you can simplify your workflow and increase your productivity. By following the steps outlined in this post, you can easily manage multiple code hosts, sign your commits with the appropriate GPG key, and use the appropriate SSH key for each host. This can help you save time and avoid mistakes, and ultimately make you a more effective developer. So why not give it a try? With a little bit of setup, you can streamline your workflow and take your development skills to the next level.
Top comments (0)