DEV Community

Cover image for SSH key on github - Windows and Linux

SSH key on github - Windows and Linux

Ryan Souza on January 05, 2024

What is an SSH key? Generating an SSH key Linux Windows References What is an SSH key? An SSH key is a pair of keys used to ...
Read full post
Collapse
 
proscatinatingpro profile image
Trung Ly

Nice article! If I may add:

I'd like to add getting to know the ssh_config file.

# github account
Host github.com
HostName github.com
PreferredAuthentications publickey
IdentityFile ~/.ssh/id_rsa_myaccount_github

# gitlab account
Host gitlab.com
HostName gitlab.com
PreferredAuthentications publickey
IdentityFile ~/.ssh/id_rsa_myaccount_gitlab

# gitlab company account
Host gitlab.my_company.com
HostName gitlab.my_company.com
PreferredAuthentications publickey
IdentityFile ~/.ssh/id_rsa_mycompanyaccount_gitlab
Enter fullscreen mode Exit fullscreen mode

Reference: gist.github.com/alejandro-martin/a...

Lastly, make sure to use the right permissions to avoid this error:

$ ssh localhost
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0777 for '/root/.ssh/id_rsa' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Load key "/root/.ssh/id_rsa": bad permissions
[...]
Enter fullscreen mode Exit fullscreen mode
  • .ssh directory: 700 (drwx------)
  • public key (.pub files): 644 (-rw-r--r--)
  • private key (id_rsa): 600 (-rw-------)
Directory or File Man Page Recommended Permissions Mandatory Permissions
~/.ssh/ There is no general requirement to keep the entire contents of this directory secret, but the recommended permissions are read/write/execute for the user, and not accessible by others. 700
~/.ssh/authorized_keys This file is not highly sensitive, but the recommended permissions are read/write for the user, and not accessible by others 600
~/.ssh/config Because of the potential for abuse, this file must have strict permissions: read/write for the user, and not accessible by others. It may be group-writable provided that the group in question contains only the user. 600
~/.ssh/identity
~/.ssh/id_dsa
~/.ssh/id_rsa 		These files contain sensitive data and should be readable by the user but not accessible by others (read/write/execute) 600

Reference: frankindev.com/2020/11/26/permissi...

Collapse
 
ryrden profile image
Ryan Souza

Pretty cool, Having multiple SSH keys looks like something that I'll need in the future. Also, feel free to open a pull request to add this as an Extra Or bonus in the link: github.com/ryrden/ryan.dev/blob/ma...

the post was originally posted at ryan.dev.br/2023-04-17-github-ssh-en/

Collapse
 
disane profile image
Marco

Thank you, always forget this!

Collapse
 
ryrden profile image
Ryan Souza

Me too, I wrote this article to use as a note when I forget

Collapse
 
thomasbnt profile image
Thomas Bnt

Great post 🚀

Collapse
 
ryrden profile image
Ryan Souza

Thanks!!

Collapse
 
chrisngoran profile image
chrisngoran

great job . Thanks

Collapse
 
ryrden profile image
Ryan Souza

I know man, thanks for the heads up!