Story
Since I work from home on the company laptop, sometimes I want to make a quick commit to my personal repository, without starting up my personal computer. But Github blocked password authentication in August 2021. From now on you must either use SSH keys, or configure a PAT (Personal Access Token) from Github.
I find SSH to be vastly more convenient, but my default SSH key is already taken by my workplace.
Problem
When I push to my personal git account with my work's (or default) SSH key, I get this error:
ERROR: Repository not found.
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
Wrong solutions
- Use the same SSH key for both personal and work computers. Do not do that.
That is a security issue you do not want to deal with. Do not copy an SSH key from your home machine to your work laptop, and vice versa.
- Adding laptop's SSH key to your personal GitHub account.
Not recommended, because your work's SSH .pub file contains your work email, and you don't want that associated with your personal GitHub account.
Solutions
1. Configuring SSH and Git
Create separate configuration files for SSH, and make Git use those separate SSH files.
You must create two separate .ssh/config files for each GitHub account you want to use. Each config file must specify a separate identity that you want SSH to use, for each account. You must generate separate identity keys for your accounts beforehand.
host github.com
user git
identityfile ~/.ssh/id_ed25519 # indentity key, without .pub ending
This way, I created two separate config files: ~/.ssh/work_config and ~/.ssh/personal_config
Each config has a different identityfile being used.
the Git portion
On your work laptop, you might prefer to have global git config to be your job's git config. And then configure your personal repositories locally (isolated to a single repository) with git config --local. That's the strategy that I use.
For your work/global git configuration, you can simply type:
git config --global core.sshCommand "ssh -F ~/.ssh/work_config"
after that, you can go to your personal repository and configure git the way you'd configure it on your personal machine.
git config --local user.name # your personal config
git config --local user.email # that you use on your personal machine
git config --local core.sshCommand "ssh -F ~/.ssh/personal_config"
This way, git will use different ssh commands, with different identity files for your personal and work-related projects.
2. Solution without the core.sshCommand change
As suggested by a comment, here is an alternative solution that I've read through. Very clever approach as well:
https://dev.to/jimzandueta/setup-your-ssh-configuration-file-1m9e
You're welcome to ask questions in the comments, and I'll make appropriate edits.
Top comments (4)
Thanks for the article. To call out the legalities as I understand it in a lot of countries. Company's can lay claim to software you write under certain conditions. If it's close to your employer's field, if it was done on company time, or if it was done from a company device.
It's extremely unlikely your employer would do this but for some that risk isn't acceptable.
This one is the most prevalent, and also makes total sense. Usually when you receive the job, you're giving papers to sign. One in particular usually specifically states that you're not allowed to be working on a competing product during your employment at the company at all, not just company time. And that makes complete sense.
All the other ones line "done on company time" and "done from a company device" are more rare, because they are quite arbitrary.
I know graphic designers have to deal with this sort of stuff sometimes. As in, they sign up to the company "owning their talent", which means they can't even freelance outside of their employment, because "their talent is owned by their employer". Not sure how that could be defended in court, but I've heard that happens.
Your solution works, but I would recommend you to read
How to connect to the same host with different SSH keys?
Jim Zandueta ・ Aug 16 ・ 2 min read
Posted by @jimzadueta
Actually very interesting.
Instead of re-configuring the sshCommand in git, you could just change the host name in the remote url of the repository, and have ssh take care of redirection. That's awesome!
In both solutions you have to intentionally mess with both Git and SSH, just in different ways. I'll leave a link to that one in the actual article then. Worth it :)