How to setup SSH keys for Github

Because I always forget...

Personal Log 2020-01-02

Where are my ssh keys?

Check the home directory, inside the .ssh folder (~/.ssh).

Generate the SSH keys on the computer

  1. Use the ssh-keygen command to genereate new SSH keys.
  2. Example keygen command:
    🖥 ssh-keygen -t ed25519 -C "key for raspberry pi"
    📟 Generating public/private ed25519 key pair.
    📟 Enter file in which to save the key (/home/pi/.ssh/id_ed25519):
    📟 Created directory '/home/pi/.ssh'.
    📟 Enter passphrase (empty for no passphrase):
    📟 Enter same passphrase again:
    📟 Your identification has been saved in /home/pi/.ssh/id_ed25519.
    📟 Your public key has been saved in /home/pi/.ssh/id_ed25519.pub.
    📟 The key fingerprint is:
    📟 SHA256:2x6f+JRTJdFoZrGfh6NHFnnLNo4Rludt1ss7UWGmA70 key for raspberry pi
    📟 The key's randomart image is: 
    📟 +--[ED25519 256]--+
    📟 |            . o+ |
    📟 |           . .*B.|
    📟 |            .BX.+|
    📟 |            .E=B*|
    📟 |        S    .BBO|
    📟 |         o   **=+|
    📟 |        . o =..+.|
    📟 |         . = + ..|
    📟 |          o.+  ..|
    📟 +----[SHA256]-----+
  3. Press enter to use the default location and optionally give a password. The name of the key file will change depending on what type of key is generated.

Start the ssh-agent

By itself, the ssh-agent command does not make the agent accessible. Rather, commands are printed to the terminal that, when executed, add environment variables for the SSH agent and authentication socket.

🖥 ssh-agent
📟 SSH_AUTH_SOCK=/tmp/ssh-zzcNDZeoBG8p/agent.10908; export SSH_AUTH_SOCK;
📟 SSH_AGENT_PID=10909; export SSH_AGENT_PID;
📟 echo Agent pid 10909;

To start the agent, combine the ssh-agent command with eval to start the ssh agent and make it accessible via environment variables.

🖥 eval $(ssh-agent)
📟 Agent pid 11594

Note: some instructions add the -s flag to the ssh-agent command. This flag tells the ssh-agent to generate commands for Bourne shell. I use zsh and bash (and both are part of the Bourne shell family), so I omit this flag.

To kill the ssh-agent, use the -k flag. The eval component is not required when killing the agent; however, using eval is recommended, as it will clean up the environment variables. Therefore, checking for the existence of the environment variables is not a good way to determine if the agent is running or not.

🖥 ssh-agent -k
📟 unset SSH_AUTH_SOCK;
📟 unset SSH_AGENT_PID;
📟 echo Agent pid 11594 killed;
🖥 echo $SSH_AUTH_SOCK
📟 /tmp/ssh-CTdyhLxi6UXW/agent.11593
🖥 echo $SSH_AGENT_PID
📟 11594

Here is what happens when eval is used. Note that the environment variables are empty.

🖥 eval $(ssh-agent)
📟 Agent pid 11884
🖥 eval $(ssh-agent -k)
📟 Agent pid 11884 killed
🖥 echo $SSH_AUTH_SOCK
📟
🖥 echo $SSH_AGENT_PID
📟

Add the keys to the ssh-agent

You can check if the ssh-agent has any current keys by running:

🖥 ssh-add -l
📟 The agent has no identities.

If the agent is not running, then the command will return this output. See the previous section for details on starting the agent.

🖥 ssh-add -l
📟 Error connecting to agent: No such file or directory

Once the agent is running, find the name of the private key file that was generated, and add it to the agent.

🖥 ssh-add ~/.ssh/id_ed25519
📟 Identity added: /home/pi/.ssh/id_ed25519 (key for raspberry pi)

Add the new SSH key to github

  1. Sign in to your github account.
  2. Under settings (top right drop-down menu), go to the SSH and GPG Keys section.
  3. Under the SSH keys section, click the New SSH key button.
  4. Copy the contents of your public key to the clipboard (for example, the ~/.ssh/id_ed25519.pub file).
  5. Enter a title for the new key (for example, the computer name), and paste the public SSH key content into the text box. Click the Add SSH key button.