owned this note
owned this note
Published
Linked with GitHub
# Setting SSH keys to work with Github
:::info
generate the keys after you've set up your Github account. You will need to use one of the e-mail addresses you've registered on github.
:::
## Creating ssh keys
You can generate the ssh keys in two ways. The easiest is [using Github CLI](#Using-Github-CLI-easy), the second way is [the classical way](#Classical). Both are done using the terminal.
### Using Github CLI (easy)
This way requires the installation of the [GitHub's CLI](https://cli.github.com/).
#### Installing GitHub's CLI
:::spoiler Windows
Proceed with the installer.
:::
:::spoiler MacOS
The easiest way is through [homebrew](https://brew.sh/). To install homebrew you need to:
1. Open a terminal window
1. Type
```bash
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
```
1. Follow the installation prompts
1. Once homebrew is installed, you can then install Github's CLI
```bash
brew install gh
```
:::
:::spoiler Linux
Install [Github's CLI following the option according to your distribution](https://github.com/cli/cli#linux--bsd).
:::
#### Generating the keys using Github's CLI
1. Open a terminal
1. Type:
```bash
gh auth login
```
1. Follow the prompt answering as:
- log into: **GitHub.com**
- Protocol: **SSH**
- Generate SSH key: **Y**
- passphrase: `<enter a new password for shh>`
- Title: <kbd>Enter</kbd> (unless you want to change the default)
- Authenticate: **Login with a web browser**
1. Insert the one-time code provided in the github page that it opens
1. Accept the permission request on the GitHub page.
Now that we’ve set that up, let’s check our authentication again from the command line.
```bash
ssh -T git@github.com
Hi username! You've successfully authenticated, but GitHub does not provide shell access.
```
If you are asked somethig like:
```
Are you sure you want to continue connecting (yes/no/[fingerprint])?
```
Then you need to type `yes`.
### Classical
Open a bash terminal (gitbash in windows)
```bash
ls -al ~/.ssh
```
Your output is going to look a little different depending on whether or not SSH has ever been set up on the computer you are using.
If you haven't set up SSH on this computer, you should get:
```
ls: cannot access '/c/Users/username/.ssh': No such file or directory
```
If SSH has been set up on the computer you’re using, the public and private key pairs will be listed. The file names are either id_ed25519/id_ed25519.pub or id_rsa/id_rsa.pub depending on how the key pairs were set up.
If they don’t exist on your computer, you can proceed to create one (using the email from your github account)
```bash
$ ssh-keygen -t ed25519 -C "your@email.com"
```
If you are using a legacy system that doesn’t support the Ed25519 algorithm, use:
```bash
$ ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
```
```output
Generating public/private ed25519 key pair.
Enter file in which to save the key (/c/Users/username/.ssh/id_ed25519):
```
We want to use the default file, so press <kbd>Enter</kbd> to continue.
```output
Created directory '/c/Users/username/.ssh'.
Enter passphrase (empty for no passphrase):
```
Now, it is prompting you for a passphrase. You want to create a passphrase that's secure enough, but be sure to use something memorable or save your passphrase somewhere, as there is no “reset my password” option.
```output
Enter same passphrase again:
```
After entering the same passphrase a second time, we receive the confirmation
```output
Your identification has been saved in /c/Users/username/.ssh/id_ed25519
Your public key has been saved in /c/Users/username/.ssh/id_ed25519.pub
The key fingerprint is:
SHA256:SMSPIStNyA00KPxuYu94KpZgRAYjgt9g4BA4kFy3g1o your@email.com
The key's randomart image is:
+--[ED25519 256]--+
|^B== o. |
|%*=.*.+ |
|+=.E =.+ |
| .=.+.o.. |
|.... . S |
|.+ o |
|+ = |
|.o.o |
|oo+. |
+----[SHA256]-----+
```
The “identification” is actually the private key. You should never share it. The public key is appropriately named. The “key fingerprint” is a shorter version of a public key.
Now that we have generated the SSH keys, we will find the SSH files when we check.
```bash
ls -al ~/.ssh
drwxr-xr-x 1 username 197121 0 Jul 16 14:48 ./
drwxr-xr-x 1 username 197121 0 Jul 16 14:48 ../
-rw-r--r-- 1 username 197121 419 Jul 16 14:48 id_ed25519
-rw-r--r-- 1 username 197121 106 Jul 16 14:48 id_ed25519.pub
```
Now we run the command to check if GitHub can read our authentication.
```bash
ssh -T git@github.com
The authenticity of host 'github.com (192.30.255.112)' can't be established.
RSA key fingerprint is SHA256:nThbg6kXUpJWGl7E1IGOCspRomTxdCARLviKw6E5SY8.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? y
Please type 'yes', 'no' or the fingerprint: yes
Warning: Permanently added 'github.com' (RSA) to the list of known hosts.
git@github.com: Permission denied (publickey).
```
Now, we need to copy the public key. Be sure to include the .pub at the end, otherwise you’re looking at the private key.
```bash
cat ~/.ssh/id_ed25519.pub
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDmRA3d51X0uu9wXek559gfn6UFNF69yZjChyBIU2qKI a.linguini@ratatouille.fr
```
Now, going to GitHub.com, click on your profile icon in the top right corner to get the drop-down menu. Click “Settings,” then on the settings page, click “SSH and GPG keys,” on the left side “Account settings” menu. Click the “New SSH key” button on the right side. Now, you can add the title (You can use the title “My Laptop” or something that helps you to remember where the original key pair files are located), paste your SSH key into the field, and click the “Add SSH key” to complete the setup.
Now that we’ve set that up, let’s check our authentication again from the command line.
```bash
ssh -T git@github.com
Hi username! You've successfully authenticated, but GitHub does not provide shell access.
```
```bash
eval $(ssh-agent)
ssh-add ~/.ssh/id_ed25519
```
###### tags: `COMP0233` `teaching` `guides`
Google Drive
Gist
Clipboard
Sign in with Wallet
