How to Generate SSH Key for Git?
Overview
SSH keys are access credentials for the SSH (Secure Shell) network protocol. They allow you to connect to GitHub without entering personal details such as your username and access token on every visit. You can also use SSH to read and write data in repositories on GitHub.com. In this article, we'll take a closer look at Git SSH keys and see how to generate an SSH key for Git.
Pre-requisites
Before generating an SSH key for Git, first check whether you have an existing SSH key associated with your GitHub account.
To check for the presence of an SSH key, open a terminal and type ls -al ~/.ssh. This command lists all the files in the .ssh directory (if any). Check the listing to see if you already have an SSH public key. By default, GitHub supports public key filenames that are either:
- id_rsa.pub
- id_ecdsa.pub
- id_ed25519.pub
If you get an error that ~/.ssh doesn't exist, you don't have an existing SSH key pair in the default location. If you don't already have an SSH key, generate a new key and add it to your ssh-agent.
What is a Git SSH Key?
The SSH protocol lets you connect and authenticate to remote servers and services. SSH keys are access credentials for the SSH (Secure Shell) network protocol, a secure, encrypted, and authenticated network protocol used for long-distance communication between computers operating on insecure networks. SSH keys allow you to connect to GitHub without having to enter personal information such as your username or access token every time you visit the site. You can also use an SSH key to sign commits and to read and write data in repositories on GitHub.com using SSH. When setting up SSH, you need to generate a new SSH private key and add it to the SSH agent. You also need to add your SSH public key to your GitHub account before you can use the key to authenticate or sign commits.
An organization using GitHub Enterprise Cloud can provide SSH certificates, which allow members to access the organization's repositories without adding the certificate to their account on GitHub. When using SSH certificates, you cannot use the certificate to access a fork of your organization's repository if the fork is owned by a personal account.
SSH is used for remote file transfer, network management, and remote operating system access. The SSH acronym is also used to describe the set of tools used to interact with the SSH protocol.
The concept of SSH keys is to use a pair of keys to initiate a secure handshake between remote parties. A key pair consists of a public key and a private key. The names can be confusing, as both are called keys, so it's helpful to think of the public key as a "lock" and the private key as a "key". You provide the public "lock" to the remote party, which uses it to encrypt or "lock" data. That data is opened with the "private" key, which you keep in a safe place.
When generating an SSH key, you can add a passphrase to further protect your key. Whenever you use the key, you also have to enter the associated passphrase. If your key has a passphrase and you don't want to enter it every time you use the key, you can add the key to the SSH agent. The SSH agent manages SSH keys and remembers passphrases. The next section explains how to create an SSH key, and then how to generate an SSH key for Git.
Create an SSH Key
SSH keys are created by a formula that uses two prime numbers and a random seed variable to return public and private keys. This is a one-way formula that guarantees that the public key can be derived from the private key, but the private key cannot be derived from the public key.
SSH keys are created using a key generator tool, and the SSH command line tool suite includes the ssh-keygen tool. The following sections describe how to generate public SSH keys for various operating systems.
Generating Your SSH Public Key
To generate an SSH key, we will use the ssh-keygen tool as the key generator.
Mac and Linux
Both macOS and Linux operating systems have a comprehensive modern terminal application that comes with an SSH suite installed. The process of creating SSH keys is the same between them.
First, you should check for existing SSH keys on your local computer by opening a terminal and typing:
If the above command returns the error message No such file or directory, you don't have any existing keys and should proceed to the step that generates a new SSH key. But if you have a key, type the below command to see the keys:
Now generate a new SSH key. Enter the following command, using the email address of your GitHub account: ssh-keygen -t rsa -b 4096 -C "[your github's email]"
SSH supports more than one public key algorithm for key authentication, and "rsa" is an old algorithm based on the difficulty of factoring large numbers. A key length of at least 2048 bits is recommended for RSA; 4096 bits is better. RSA is aging and factoring has come a long way. We recommend choosing another algorithm. It's entirely possible that the RSA algorithm will be virtually crackable in the near future.
The -t option stands for "type" and specifies the type of key to be created. Commonly used values are:
- rsa for RSA keys
- dsa for DSA keys
- ecdsa for elliptic curve DSA keys
The -b option stands for "bits" and specifies the number of bits in the key. The regulations governing SSH use cases may require the use of specific key lengths. In general, 2048 bits is considered to be sufficient for RSA keys.
The -C option stands for "comment" and sets the comment for the key file.
After running this command, you will be prompted to set the SSH key path. You can specify the file location or press Enter to simply accept the default file location.
The next prompt asks for a secure passphrase. A passphrase adds an extra layer of security to SSH, and you must enter it whenever you use the key. Giving someone access to a computer where your private key is stored may also give them access to systems that use that key. Adding a passphrase to the key avoids this scenario.
After these steps, a new SSH key is generated at the path specified above.
Windows
Windows does not have a standard Unix shell, so to get the full ssh-keygen experience you need to install an external shell program. The easiest option is to use Git Bash. You can download the Git Bash setup from the official website. After downloading, run the downloaded .exe file and follow the installer instructions. Then right-click any folder and select the Git Bash Here option from the context (right-click) menu to run Git Bash.
First, you should check for existing SSH keys on your local computer by opening a terminal and typing:
If you get the error message No such file or directory, you don't have a key. But if you have the key:
Now generate a new SSH key. Enter the following command, using the email address of your GitHub account:
Here 'ed25519' is a new algorithm added in OpenSSH. Support for this algorithm in clients is not yet universal, and thus its use in general-purpose applications is still discouraged.
Linking the key to your email address will help you identify the key later.
Note: The ssh-keygen command is only available if you have installed Git with Git Bash. Once it is installed, you can use the same steps as on macOS and Linux.
After running this command, you will be prompted to set the SSH key path. You can specify the file location or press Enter to simply accept the default file location.
The next prompt asks for a secure passphrase. A passphrase adds an extra layer of security to SSH, and you must enter it whenever you use the key. Giving someone access to a computer where your private key is stored may also give them access to systems that use that key. Adding a passphrase to the key avoids this scenario.
After these steps, a new SSH key is generated at the path specified above.
Adding Your SSH Key to the SSH-AGENT
After generating a new SSH key, you need to add the SSH key to the SSH agent by following the steps below:
To start the ssh-agent in the background, enter the following command:
If the SSH agent is running, you should receive the following output:
Output:
Once the SSH agent is running, you can add the new SSH key to the SSH agent of your local machine with the following command:
After entering this command, your new SSH key will be added and will be ready for use.
Note: If you changed the default path while generating the SSH key, use that path instead of ~/.ssh/id_rsa.
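The steps above (check for default key files, generate a passphrase-protected key, load it into an agent) as one script. This is an added example, not code from the original article. The function names, the 60-second agent lifetime and the askpass helper are assumptions made so the workflow runs without prompts, and it uses the ed25519 key type from the Windows section.

```bash
#!/usr/bin/env bash
# Added example, not from the original article. Function names, the scratch
# directory, the email and the passphrase used by callers are assumptions.

# Print which of the default public key filenames exist in directory $1.
list_default_pubkeys() {
  local name
  for name in id_rsa.pub id_ecdsa.pub id_ed25519.pub; do
    if [ -f "$1/$name" ]; then echo "$name"; fi
  done
}

# Create a passphrase-protected ed25519 key in $1 without overwriting one.
# $2 = comment (your GitHub email), $3 = passphrase. Interactively, omit -N
# and let ssh-keygen prompt, so the passphrase never appears in argv.
generate_key() {
  local key="$1/id_ed25519"
  mkdir -p "$1" && chmod 700 "$1"
  if [ -e "$key" ]; then
    echo "refusing to overwrite $key" >&2
    return 1
  fi
  ssh-keygen -q -t ed25519 -C "$2" -N "$3" -f "$key"
}

# Succeeds when private key $1 cannot be read with an empty passphrase.
is_passphrase_protected() {
  ! ssh-keygen -y -P "" -f "$1" >/dev/null 2>&1
}

# Start a private agent, load key $1 for 60 seconds with passphrase $2,
# print the fingerprints the agent holds, then stop the agent.
agent_roundtrip() {
  local askpass
  askpass=$(mktemp)
  # Helper that hands the passphrase to ssh-add in place of a terminal prompt.
  printf '#!/bin/sh\necho "$KEY_PASSPHRASE"\n' >"$askpass"
  chmod 700 "$askpass"
  (
    eval "$(ssh-agent -s)" >/dev/null
    KEY_PASSPHRASE="$2" SSH_ASKPASS="$askpass" SSH_ASKPASS_REQUIRE=force \
      DISPLAY="${DISPLAY:-:0}" ssh-add -q -t 60 "$1" </dev/null 2>/dev/null
    ssh-add -l | awk '{print $2}'
    ssh-agent -k >/dev/null
  )
  rm -f "$askpass"
}
```

Call generate_key with a scratch directory first; pointing it at ~/.ssh is safe only because it refuses to overwrite an existing id_ed25519.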
Let's also see how to add the SSH key to your GitHub account:
1. Log in to your GitHub account and right-click on your profile picture to open settings.
2. In the Preferences sidebar, click SSH and GPG Keys.
3. In it, click the New SSH Key button, enter the title you want to give, and enter your SSH key.
4. Next, click the Add SSH Key button. This will add your SSH key to your GitHub account.
Generating a New SSH Key for a Hardware Security Key
To generate an SSH key for Git specifically for a hardware security key:
1. Insert your hardware security key into your computer.
2. Open a terminal and enter the following command:
where email_id refers to the email address of your GitHub account.
Note: An -sk SSH key pair is either ecdsa-sk or ed25519-sk. The "-sk" extension represents a security key.
3. Touch the hardware security key button when prompted.
4. When prompted to Enter a file to save the key, press Enter to accept the default file location.
5. Press Enter when prompted for the passphrase.
6. Now, add your SSH key to your GitHub account.
Conclusion
- SSH keys are access credentials for the SSH (Secure Shell) network protocol.
- They allow you to connect to GitHub without entering personal details such as your username and access token on every visit.
- The SSH protocol lets you connect and authenticate to remote servers and services.
- It is a secure, encrypted, and authenticated network protocol used for long-distance communication between computers operating on insecure networks.
- An organization using GitHub Enterprise Cloud can provide SSH certificates, which allow members to access the organization's repositories without adding the certificate to their account on GitHub.
- The concept of SSH keys is to use a pair of keys to initiate a secure handshake between remote parties.
- A key pair consists of a public key and a private key.
- When generating an SSH key, you can add a passphrase to further protect your key.
- In this article, we saw how to generate an SSH key for Git on both macOS and Linux. They have a comprehensive modern terminal application that comes with an SSH suite installed.
- Windows does not have a standard Unix shell, so to get the full ssh-keygen experience you need to install an external shell program.
- The ssh-keygen command is only available if you have installed Git with Git Bash. Once it is installed, you can use the same steps as on macOS and Linux.
- To start the ssh-agent in the background, you can use the command eval "$(ssh-agent -s)".
- Once the SSH agent is running, you can add the new SSH key to the SSH agent of your local machine using the command ssh-add ~/.ssh/id_rsa.
- If you changed the default path while generating the SSH key, use that path instead of ~/.ssh/id_rsa.