SuperITManBlog
GitHub
GitLab

Git - Configure git for using a different ssh key for every host

March 14, 2018 - 3 min read

git

Hi all,

This week, I decided to secure a bit my GitHub and my BitBucket account with ssh keys. It’s something really interesting and simple to implement and the improves the security 😊

Nevertheless, I had some issues for implementing it…

Let’s start by generate our different certificates for each service. In Git Bash or in Linux commandline, please do the following commands (they are for my usage but you can change it for yours 😉)

cd ~/.ssh
ssh-keygen -t rsa -C SuperITMan@github.com -f "id_rsa_github_superitman"
ssh-keygen -t rsa -C SuperITMan@bitbucket.org -f "id_rsa_bitbucket_superitman"
  • -C is used for letting a comment at the end your generated key
  • -f is used for setting the output filename of your generated key

Enter your passphrase you’ll have to type everytime you use the key (put a password you know).

Now, add your new keys into your GitHub and BitBucket accounts:

Firstly I followed this method which is working but I don’t really like it.

For improving the usage, please add the following lines in your .bashrc file…

eval `ssh-agent`
ssh-add ~/.ssh/id_rsa_github_superitman
ssh-add ~/.ssh/id_rsa_bitbucket_superitman

This method will force you type once your different passwords everytime you open a new bash instance. But that means even if you don’t want to use git with your bash, you’ll have to type your passwords when you open it.

Secondly I followed an other method based on config file.

This method is according to me the best one and should the one everyone likes 😊

cd ~/.ssh
touch config
vim config # you can use nano if really prefer ;-)
# Put the following content in your config file:

# GitHub SuperITMan
Host github.com
  HostName github.com
  User git
  IdentityFile ~/.ssh/id_rsa_github_superitman
  IdentitiesOnly yes

# GitHub company (this one is currently only for demo)
Host github.com-company
  HostName github.com
  User git
  IdentityFile ~/.ssh/id_rsa_github_company
  IdentitiesOnly yes

# BitBucket SuperITMan
Host bitbucket.org
  HostName bitbucket.org
  User git
  IdentityFile ~/.ssh/id_rsa_bitbucket_superitman
  IdentitiesOnly yes
# Now it's time for saving the config file and play a bit with your secured repos
cd /c/dev

# Let's clone from GitHub as SuperITMan
git clone git@github.com:SuperITMan/demo.git

# Let's clone from GitHub as company
git clone git@github.com-company:company/demo.git demo-company

# Let's clone from BitBucket as SuperITMan
git clone git@bitbucket.org:SuperITMan/demo.git demo-bitbucket

With this method, everytime you’ll do git clone / git pull / git push / … you’ll have to type your passphrase but that will be awesome for you to use 😊

Enjoy your new git/ssh configuration.

Have a nice one.

Sources


Alexis GEORGES

Written by Alexis GEORGES
Living in Brussels (beers, cheeses, chocolates, etc.), geek passionate by Open Source initiatives, against the censorship and careful with the privacy.
You can follow me on Twitter