I am trying to create Multiple SSH keys for multiple git accounts. For now, I have one Github
account and two Gitlab
accounts, I could not find the guide for Multiple accounts across multiple git platforms. Can you help me with it.
Keys are:
id_rsa_github
git username isdemetere
id_rsa_gitlab
git username isdemetere
id_rsa_gitlab_identomat
git username isdemetere._
I literally need help with agent and cloning and pushing permissions. I generated 3 keys for each account and added them to accounts and also added to the agent. The only thing left is the config
file and also if there is anything specific I need to do when cloning repos and pushing.
Also when I am a contributor to other users' repos how can I clone that with the correct Host? Thanks
CodePudding user response:
The main idea is to use ~/.ssh/config to assign a "Host" entry to each of your accounts:
Host ghuser1
Hostname github.com
User git
IdentityFile ~/.ssh/key1
Host gluser1
Hostname gitlab.com
User git
IdentityFile ~/.ssh/keyg1
Host gluser2
Hostname gitlab.com
User git
IdentityFile ~/.ssh/keyg2
That means, for cloning, you will need to use that "Host
" entry:
git clone ghuser1:me/MyRepo
You can also test the authentication with:
ssh -Tv ghuser1
ssh -Tv gluser1
ssh -Tv gluser2
A few notes:
- the
User
is alwaysgit
, never your GitHub or GitLab account username. - the authentication is needed in order to determine if your account has the right to access a private repository (you must be added as collaborator).
For a public repository, this is less important.
CodePudding user response:
VonC has already answered the main question. By setting the git origin as the alias in ~/.ssh/config
you can tell each repository to use a specific key.
You will still need to load those keys into your ssh-agent any time you make a push. You can automate that with this bash script. It loads any ssh-keys starting with id_rsa
. See the in-file documentation for setup and usage.
Note, this ssh-agent will only work when using git from the CLI. Any IDE you use will have it's own method for authenticating over SSH.
: ' DOCUMENTATION
This file describes and implements authenticating with git over ssh using the cli.
USAGE
Run this as a one-off with
$ source start-ssh-agent
If you call this script without `source` the ssh-agent will be lost in the child process.
To automatically authenticate in every new shell:
1. Save this file to `~/.ssh/start-ssh-agent`
2. Find your shell's rc file
Each shell has its own rc file:
* bash: ~/.bashrc
* zsh: ~/.zshrc
* general: ~/.$(basename $SHELL)rc
3. To your rc file, add the line `. ~/.ssh/start-ssh-agent`
SETUP
Generate an ssh key,
optionally providing a file name ending in _rsa with -f
and your identity with -C
$ ssh-keygen -t rsa -b 4096 -C [email protected] -f ~/.ssh/id_rsa
If you provide a name, end it with `_rsa` to help the below script find it.
If you use a passphrase, it must be used every time you use the ssh Key to connect.
Make sure that the files are in the KEY_FOLDER defined in the below script.
Two files are produced:
The *_rsa file is used to authenticate from your machine.
Share the *_rsa.pub file with your git provider as a public key.
After you have created a key for each account, setup your ssh config file.
Replace the IdentityFile path with the _rsa file you generated.
---------| ~/.ssh/config | ---------
Host my-host-alias
HostName github.com
User git
IdentityFile ~/.ssh/id_rsa
IdentitiesOnly yes
------------------------------------
We can configure git to use this alias, allowing us to use the given IdentityFile
automatically.
Setting IdentitiesOnly forces the agent to only use the given IdentityFile
rather than try every possible ssh key in the KEY_FOLDER.
Open a bash terminal in the local project.
Check your current git origin
$ git remote -v
Automatically replace the current remote url with your alias.
$ git remote set-url origin my-host-alias:$(git remote -v | grep -m 1 -oE [a-z] \/[a-z-] .git)
Test that keys were added by listing active keys
$ ssh-add -l
END DOCUMENTATION'
SSH_ENV=~/.ssh/agent.environment
KEY_FOLDER=~/.ssh
KEY_PREFFIX=id_rsa
# export the SSH_AUTH_SOCK and SSH_AGENT_PID variables
# making the running ssh agent available to child processes
function run_ssh_env {
. "${SSH_ENV}" > /dev/null
}
# start the ssh-agent and add keys
function start_ssh_agent {
echo "Initializing new SSH agent..."
# spawn ssh-agent and store agent config
ssh-agent | sed 's/^echo/#echo/' > "${SSH_ENV}"
chmod 600 "${SSH_ENV}"
run_ssh_env
ssh-add $KEY_FOLDER/$KEY_PREFFIX* || \
echo "Incorrect passphrase, skipping key..."
echo "Agent started"
}
if [ -f "${SSH_ENV}" ]
then
run_ssh_env # look for the last running agent
ps -ef | grep ${SSH_AGENT_PID} | grep ssh-agent$ > /dev/null || {
start_ssh_agent # if the last agent is no longer running,
} # start another one
else
start_ssh_agent
fi
# verify that your keys were successfuly added
ssh-add -l || \
echo -e "No keys configured from $KEY_FOLDER/$KEY_PREFFIX*" \
"\nSSH authentication may fail!"
# remove variables so they don't interfere with normal shell usage
unset SSH_ENV
unset KEY_FOLDER
unset KEY_PREFFIX
unset run_ssh_env
unset start_ssh_agent