The perks and usage of SSH authentication were seen in the last tutorial. We also discussed private and public keys which are used in authenticating through SSH in GitHub. Not only this, actually, it has a lot of applications. But, we will stick to SSH currently. Going through the advantages of SSH, it was clear to us that SSH is more secure and convenient to use once the initial set up is done and ready. But that was just the theory. To make use of SSH keys, we must generate them and add them to our GitHub account. In this tutorial, we will cover the following:
- Authenticating via SSH in Git.
- Generating public and private keys in SSH.
- Adding SSH keys to the GitHub Account.
- Verifying the SSH keys through Git Bash.
How to authenticate via SSH in Git?
Authentication provides us with a method to let only authorized user access the confidential data or any data if I say. Authentication and authorization is a wide topic and if you are interested, you can learn more from authentication and authorization to brush up the concepts. In Git and GitHub, while we learnt the authentication through HTTPS in the repository cloning tutorial, its time for authenticating using another option that GitHub provides.
You might wonder that just like we copied the URL by pressing clone in GitHub; Similarly we will choose the SSH option and follow the steps. Well, let’s try that and see what happens.
1.Navigate to the ToolsQA repository page
2. You will find the Clone or download button. Click on the button to open the cloning options.
3. Go to the Use SSH button to see if it takes us somewhere.
We get a note that we currently do not have any public SSH keys in our GitHub account and followed by the links to generate one. So, basically what we learnt in the SSH authentication post is quite true. We need the keys to communicate to the server via SSH. In the next section, we will generate the SSH keys but before that, as a precaution, you should remember a note. It might so happen in some cases that the user already has the SSH keys pair in his repository. So, before generating the keys, it is a good practice to first check the existing SSH keys if any.
Checking SSH Keys In Local Repository
Checking the SSH keys in the local repository is a few step simple process.
1. Open Git bash and navigate to the repository.
2. Type the following command and press enter:
ls -l ~/.ssh
Once the command is executed, you will see the result as total 0 if you do not have the keys. Whereas, if you do have the keys, it will be shown as the following:
It shows that two keys are present. If you have the keys present, you can skip the next section.
You can also check for the ssh directory if it is present or not by typing the following command and press enter:
Since I do not have any such directory and the keys of course, I get the appropriate message. In the next section, we will generate ssh keys.
Generating Public and Private Keys in GitHub
To generate the pair of ssh keys through Git, type the following command:
ssh-keygen -t rsa -C “myFirstSSHKeys”
If we break this command into elements that make it, we get the following entities:
ssh-keygen: This depicts that we are requesting the ssh key generation from Git.
rsa: This asks Git to generate RSA keys only.
-C : This option depicts that we are about to mention a comment next to this option.
myFirstSSHKeys: This is the comment. It is important when we have multiple keys associated with our account.
Press enter to execute the command.
You will see the message as Generating public/private rsa key pair which shows that Git is generating the keys. Once generated, it will ask the file in which you want to save the keys. Git will show you the default location. For now, we will be going ahead with the default location, so just press enter.
Next, you will be prompted to enter the passphrase. For now, we will just go ahead with the empty passphrase. Press enter and enter the same passphrase (nothing) again to generate the keys.
If you are getting the same screen, congratulations! your keys have been generated. The highlighted line, however, shows the shorter version or the fingerprint of the public key.
Let’s see the keys in the directory now by again typing the following command:
ls -l ~/.ssh
This note confirms that we have successfully generated the keys. Now, we just need to add this key to our GitHub account so that we can communicate from Git to GitHub via SSH.
Adding SSH keys to GitHub
To add the SSH key to our GitHub account, first, we need to copy the key. To copy the key, open the public key that we generated in the above section in your favourite text editor:
Note: We are using Notepad++ as a text editor, while you can use any one of your choices. For more information, you can refer text editors in Git.
2. The key will open in Notepad++. Copy this key.
3. Open your GitHub account and go to settings by pressing your profile picture on the top-right corner of the page.
4. Navigate to SSH and GPG keys option from the side panel.
5. Press New SSH key to enter a new key in GitHub.
6. Enter the title and the key in the text field given and press Add SSH Key.
Once done, you will be shown that the key has been added successfully which is recognized by the title given in point 6.
If this is the screen you are getting, you have successfully added the SSH key to your GitHub account. We need to verify now that the key has been linked correctly or not.
Verifying Added SSH in Key in GitHub Account
Now that we have generated the SSH key and added it to our GitHub account, it is time we verify the key with our GitHub account with the help of ssh and GitBash.
Go to the Git Bash and type the following command:
ssh -T firstname.lastname@example.org
Press enter to see the following message on the screen. It will prompt you to confirm if you want to authenticate or not. Press Yes.
Press enter and if a message is shown with your name, you have verified successfully the key that you have generated.
Verifying successfully our key brings us to the end of this tutorial. It was a lot to generate, add and verify keys to the account which we have done happily. Before ending, I must say that the use of HTTPS or SSH depends completely on the user and their convenience. If you feel more comfortable using HTTPS, you should definitely go through it (after giving a read to its advantages and disadvantages). For now, we will move on to our next post.