Multiple SSH keys for different remote GitHub servers on the same computer
You can use SSH protocol to connect and authenticate to remote GitHub servers. Using SSH keys you can authenticate to GitHub without providing your credentials every time you connect.
It’s common that you need to connect to different GitHub servers from the same computer simultaneously. It could be your
personal account to github.com
and the one from work, like work.github.com
or any other remote GitHub server.
Anyway, how to configure your SSH client to support this setup it’s not so straight forward. I’m describing below the
steps to follow to accomplish this.
Generate a new SSH for your GitHub account
From Git Bash generate a new public/private RSA key using ssh-keygen as below. You need to provide the email address for your GitHub account.
ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
When you’re prompted, enter a file name where you want to save the keys and a secure passphrase. Let’s say you generate
a key for your personal GitHub account and name it id_rsa_personal. Public (id_rsa_personal.pub
) and private (
id_rsa_personal
) keys are generated. Then upload them to your GitHub server.
More details about generating SSH keys and how to add new SSH key to your GitHub account here.
Add the new SSH keys to .ssh home folder
Copy your newly SSH keys to ~/.ssh
folder. Assuming you generated a key for your personal account in GitHub and that
you already have another one for your work account, you should have under ~/.ssh folder 4 files.
id_rsa_personal.pub
id_rsa_personal
id_rsa.pub
id_rsa
Create a SSH config file
If you don’t have it already create a ~/.ssh/config
file and add the following to it. I still assume that you have 2
accounts, the personal one and the other for work. As shown below you need to provide the host addresses and usernames
for your accounts. It is also important to specify the right SSH keys to be used for each account using IdentityFile
property (highlighted below).
# Work account
Host work github.work.com
HostName github.work.com
IdentityFile ~/.ssh/id_rsa
User work_user
# Personal account
Host personal github.com
HostName github.com
IdentityFile ~/.ssh/id_rsa_personal
User personal_user
Check the connectivity and troubleshoot
In order to check the connectivity to your GitHub servers using SSH-RSA keys run the command below.
ssh -vT git@github.com
It runs in verbose mode just to provide you all the details in case you need to troubleshoot later. You need to specify
the GitHub host, in my case github.com
and git
as username. Don’t use your GitHub account username, it won’t work.
Just git
as above.
If you get the message You've successfully authenticated, but GitHub does not provide shell access.
then you’re all
good. Your setup is correct and you could carry on to clone repositories or interact with your GitHub remotes using RSA
keys.
In case the command returns git@github.com: Permission denied (publickey)
then check once again your SSH config file
and make sure the right RSA key is is used for your server.
OpenSSH_7.9p1, OpenSSL 1.1.1a 20 Nov 2018
debug1: Reading configuration data ~/.ssh/config
...
debug1: Host 'github.com' is known and matches the RSA host key.
debug1: Found key in ~/.ssh/known_hosts:4
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
...
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: ~/.ssh/id_rsa_personal RSA SHA256:9lQpW+Fadq8+ORpWHFXsYJsD0p8r explicit
debug1: Server accepts key: ~/.ssh/id_rsa_personal RSA SHA256:9lQpW+Fadq8+ORpWHFXsYJsD0p8rv explicit
debug1: Authentication succeeded (publickey).
...
You've successfully authenticated, but GitHub does not provide shell access.
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: channel 0: free: client-session, nchannels 1
Transferred: sent 3488, received 2724 bytes, in 0.2 seconds
Bytes per second: sent 15908.8, received 12424.2
debug1: Exit status 1