A simple guide to get you started with GitHub.
Context
This blog will walk you through the different steps you need in order to have your GitHub account setup and ready for creating amazing things :)! We will set up the SSH key and also the GPG key for having signed commits. The operative system that I will be using is Linux, distribution Ubuntu 16.04.3 LTS. If you are using Windows or MAC, you can follow this post as a guide but the respective commands for your operative system will be slightly different. You can post on the comments so I can help you. We will install GIT and push our first signed commit.
Creating a GitHub account
First, you just need to go here:
Complete the form with the requested info, and you will have your account created immediately. It will look something like this:
Creating your first repository
Notice that you have different tabs in your profile view: Overview, Repositories, Stars, Followers, and Following. One of our interest is Repositories, click there :D!
It will appear a view with the new button in it, click it:
After that you will be presented with the following form:
Notice that I completed the Repository name, I added a little Description and I clicked Initialize this repository with a README. This last step is important since we will be creating a repository with a file in it and it is different from when we create an empty repository (we will cover the empty repository later).
Regarding the name of the repository, I always use downcase only or combined with _.
Once you created the repository by hitting the button Create repository you will see something like this:
A couple of things to notice here since we are gonna configure the SSH key and the GPG key, we will clone the repository with the Clone with SSH option.
GIT installation
Now, if we want to work locally (meaning with our computer) with the repository we just created, we will need to install GIT.
Open a console Ctrl+T or go your programs an click the Terminal icon:
Once you are with the opened terminal, write the following command:
sudo apt-get update
This will update your local package index.
Now we will proceed to install GIT with:
sudo apt-get install git
We also need to tell GIT who we are, and for that, we are going to set up our name and email with the following commands:
git config --global user.name "Nicolas Sebastian Vidal"
git config --global user.email "nicolas.s.vidal@gmail.com"
Of course, where I have put my name it will go yours and the same with the email :).
Configuring your SSH key
Before cloning our repository, and in order to be able to commit and push our changes to the GitHub repository, first, we need to generate our SSH key.
- Open a console
Ctrl+Tor go your programs an click theTerminalicon; - Paste the text below, substituting in your GitHub email address.
ssh-keygen -t rsa -b 4096 -C "your\_email@example.com"This creates a new ssh key using the provided email as a label.Generating a public/private rsa key pair. - When you’re prompted to "Enter a file in which to save the key", press
Enter. This accepts the default file location.Enter a file in which to save the key (/home/you/.ssh/id\_rsa):[Press enter] - At the prompt, type a secure passphrase. I encourage you to type a passphrase and not to leave it empty since it will give you more security.
Enter passphrase (empty for no passphrase): [Type a passphrase]Enter same passphrase again: [Type passphrase again]
- Start the ssh-agent in the background.
- Add your SSH private key to the ssh-agent. If you created your key with a different name, or if you are adding an existing key that has a different name, replace id_rsa in the command with the name of your private key file.
These last two steps are for not entering the passphrase every time you want to push your changes to your repository.
These mentioned steps can be found also here.
Adding the SSH key to your GitHub account
While being in your terminal, write the following command:
cat ~/.ssh/id\_rsa
This command will show you your SSH public key:
Copy this key from ssh-rsa to your email nicolas.s.vidal@gmail.com.
Now we need to go to our GitHub profile, and click Settings:
Once you are there click the option that says SSH and GPG keys, click New SSH key after that, it will appear a form where we will paste our SSH key, add also a title to identify the machine that it will be using the mentioned key:
Press Add SSH key and finally our key it will be configured to be used:
Configuring your GPG key
If you want to have all your commits signed, follow these steps. Otherwise, you can completely avoid this.
Back in your terminal type the following command:
gpg --gen-key
Some options will appear, here the detail of each of them and the usual configuration that I use:
-
Please select what kind of key you wantI use the default optionRSA and RSA; -
What keysize do you want?(20148)here you will see that I selected "2048", however, I only selected the default option because I'm using a virtual machine and it is kind of troublesome to generate the necessary entropy for getting all the needed bytes. I always go with 4096 as it is the recommended key size. -
Key is valid for?(0)for this example, I have chosen that the key should not expire but what I always change the GPG key every month :D! - The next step will be to set up your
Real name,Email addressandComment, this last one I use it to put my username :P! - The last step, you will have to generate enough entropy for getting the needed bytes, so for this, you will have to start doing some work on your computer. you could start moving your mouse like crazy (that works for me), also typing on a text editor a lot of random characters. One thing, do it fast!.
Once we have generated our GPG key we still need to add it to our GitHub account, the following steps need to follow:
- Use the
gpg --list-secret-keys --keyid-format LONGcommand to list GPG keys for which you have both a public and private key. A private key is required for signing commits or tags:
- From the list of GPG keys, copy the GPG key ID you’d like to use. In this example, the GPG key ID is 77384044A63D6CFF ;
- Configure Git on your machine for using this GPG key to sign your commits:
git config user.signingkey 77384044A63D6CFF; - Paste the text below, substituting in the GPG key ID you’d like to use. In this example, the GPG key ID is
77384044A63D6CFF:gpg --armor --export 77384044A63D6CFF
- Copy your GPG key, beginning with
-----BEGIN PGP PUBLIC KEY BLOCK-----and ending with-----END PGP PUBLIC KEY BLOCK-----;
Adding the GPG key to your GitHub account
Once again as we did with the SSH key, you need to go to your GitHub profile and click on the Settings option.
Once you are there, click the option that says SSH and GPG keys and click New GPG key, a form will appear where we will paste it:
Press Add GPG key and finally our key it will be configured to be used:
The steps that I have mentioned to generate a GPG key can also be found here.
Cloning our repository
Back in our terminal, we will go to Documents and there we will clone our GitHub repository:
We will clone our repository by using SSH, so our command line would look something like this:
git clone git@github.com:nisevi/staticwebsite.git
It will ask us if we want to continue since the authenticity of the host github.com can't be established, but! as we trust GitHub we will say yes.
After that, you will have the repository cloned within the Documents folder, and you will find the README.md file that we have selected for initializing our repository:
Pushing your first commit
In order to create a commit, first we need to generate some changes to the files that we have in our repository, otherwise, we won't have anything to commit.
In order to check the status of the files and see if any of them has changed, we will use the following command:
git status
This is the actual content of the README.md file:
After the modification, we can see that our file was changed by typing the following command again:
git status
And we can take a look at the changes we have done with the following command:
git diff
As we can see Static website. has been deleted, space has been added, and Hello World. was written.
Now, we will add this file to our commit by doing:
git add README.md
After running this command, we will be able to see that our changes have been added to the commit we want to create. We can check this by doing:
git status
Our next step is to create a signed commit with a proper message about the changes we have done to the file. Please notice that here you will be asked to type the passphrase you used when creating your GPG key (if you have skipped that section you won't need to use the -S flag):
git commit -S -m "Update README.md"
-
-Sflag is for signing our commit; -
-mflag is for the message we want to write;
Once the commit has been created we will proceed to push our changes :D !!
Type the following command:
git push origin master
Done!!! we have pushed our changes. If you want to see them, go back to your GitHub repository. You will see that the README.md file has changed and if you want to know if your commit has been signed click where it says 2 commits:
In the following view, you will find the commit that we just did with the comment we have added; the green label that says Verified means that our commit has been signed :D!!!
Something to notice here is that I have already a signed commit that says Initial commit. This commit was created when we decided to initialize our repository with a README; for me is signed or Verified because I already have other GPG key and SSH key working on my laptop. What it matters is the commit that you just pushed :)!
This post ends here.
What you will find next are some alternatives to things that I have done in this tutorial. I hope you have enjoyed it!!
Creating an empty repository
If you decided to create an empty repository, you will be presented with different options. Here, we will walk through the steps for having this repository cloned and working on your computer.
Notice that I haven't selected the option Initialize this repository with a README. After you hit Create repository you will be presented with the following view:
Please notice that I have selected SSH as we will clone the created repository by doing:
git clone git@github.com:nisevi/staticwebsite.git
As we can see the repository has been cloned but there is nothing inside the folder (except the .git configuration folder of the repository). At this point, you can just create any file and follow the steps we have described on Pushing your first commit.
Cloning a repository by using HTTPS
Other option, instead of doing all the SSH and GPG configuration for pushing commits, will be to clone the repository with HTTPS:
Back in your terminal, we will clone the repository by doing:
git clone [https://github.com/nisevi/staticwebsite.git](https://github.com/nisevi/staticwebsite.git) https-staticwebsite
The last part that I just added was only to give the folder a name, in this case https-staticwebsite. I have done this because I didn't want to have conflicts with the same repository that I cloned with SSH:
If we take a look at the folders inside Documents, we will see:
We will get inside https-staticwebsite and do some changes to the README.md file and create a signed commit. But! as this is another folder with another Git configuration, we will have to setup our GPG key again by doing:
git config user.signinkey 77384044A63D6CFF
If you don't remember where this number 77384044A63D6CFF comes from, you might take a look back to the section where we have configured the GPG key.
After we have created our signed commit we will push our changes:
git push origin master
Notice that by using HTTPS you will always have to enter your username and password. In case you are using two-factor authentication instead of a password, you will need to enter a token.
How to generate a GitHub token
Go to your profile and click Settings. After that, click Developer settings and select the option that says Personal access tokens, press Generate new token and give it rights only for repo, as displayed here:
After you press Generate token, you will see the following:
Copy the token and save it in a safe place since this is the last time you will see it here. Once copied you can use it as password if you have activated two-factor authentication and want to push commits by using HTTPS.
Top comments (0)