How to create SSH Key for Git?
Published on

How to create SSH Key for Git?

Authors

Create key without passpharse as if we add a passphrase then you'll need to keep typing it whenever you try to connect to the remote repo or you might have to add the passphrase to your key-chain, etc. SSH using certificates are safe if you are going to configure it for your machines.

Passpharse is more secure option but it becomes a hassle by asking for passpharse every time you connect to the remote. Thus it kind of becomes an inconvenience.

> ssh-keygen -C "[email protected]"

Generating public/private rsa key pair.
Enter file in which to save the key (/Users/xyz/.ssh/id_rsa): git-key
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in git-key
Your public key has been saved in git-key.pub
The key fingerprint is:
SHA256:xOC5skAFsyFhs8i/ipQsqpPZJGBp4DIybWKyo4QY3o4 [email protected]
The key's randomart image is:
+---[RSA 3072]----+
|oo+.. .          |
|=.o= . +         |
|+++   o o        |
|XU+    o         |
|%Zo.. 9 S        |
|Aooo.o           |
|+Po..            |
|XFo.             |
|=o               |
+----[SHA256]-----+

The below link will help you to configure SSH for GitHub and Azure DevOps. Its a very simple process and you can follow the steps mentioned in the link.

How to configure SSH for GitHub/Azure DevOps?

In your config file which is present in ~/.ssh/config we'll need to add Host as github.com and visualstudio.com and provide the IdentityFile.

config
Host github.com
  IdentityFile ~/.ssh/git-key
Host vs-ssh.visualstudio.com
  IdentityFile ~/.ssh/git-key
  IdentitiesOnly yes
  HostkeyAlgorithms +ssh-rsa
  PubkeyAcceptedKeyTypes=ssh-rsa

After adding the above configuration you can add the key to the ssh-agent and then you can connect to the remote repo without the need to trust the remote.

eval `ssh-agent -s`
chmod 700 git-key
chmod 700 config
ssh-add -k git-key

If you use -K it will basically ask for GitHub Authenticator Pin.

> ssh-add -K ~/.ssh/id_rsa
Enter PIN for authenticator:

One more point to note is that the Git LFS would not work over SSH so you'll need to use HTTPS only. SSH keys are useful when you don't want to keep reconfiguring your expired keys to each machine which you're currently working.

git config --list --show-origin --show-scope to check the git configuration file and the scope of the configuration.

Git CR/LF Conversion

I believe input is the best configuration for git file endings as most of the code which is developed must be deployed over to Linux systems which do not support CRLF. So it’s better to use LF directly as most of the text editors support LF ending even though LF might not work correctly in notepad application. But who uses notepad application for the development of software? 🤪

git config --global core.autocrlf input