This week, I decided to secure a bit my GitHub and my BitBucket account with ssh keys. It’s something really interesting and simple to implement and the improves the security 😊
Nevertheless, I had some issues for implementing it…
Let’s start by generate our different certificates for each service. In Git Bash or in Linux commandline, please do the following commands (they are for my usage but you can change it for yours 😉)
cd ~/.ssh ssh-keygen -t rsa -C SuperITMan@github.com -f "id_rsa_github_superitman" ssh-keygen -t rsa -C SuperITMan@bitbucket.org -f "id_rsa_bitbucket_superitman"
- -C is used for letting a comment at the end your generated key
- -f is used for setting the output filename of your generated key
Enter your passphrase you’ll have to type everytime you use the key (put a password you know).
Now, add your new keys into your GitHub and BitBucket accounts:
- GitHub: https://help.github.com/articles/adding-a-new-ssh-key-to-your-github-account/
- BitBucket: https://confluence.atlassian.com/bitbucketserver/ssh-user-keys-for-personal-use-776639793.html
Firstly I followed this method which is working but I don’t really like it.
For improving the usage, please add the following lines in your .bashrc file…
eval `ssh-agent` ssh-add ~/.ssh/id_rsa_github_superitman ssh-add ~/.ssh/id_rsa_bitbucket_superitman
This method will force you type once your different passwords everytime you open a new bash instance. But that means even if you don’t want to use git with your bash, you’ll have to type your passwords when you open it.
Secondly I followed an other method based on config file.
This method is according to me the best one and should the one everyone likes 😊
cd ~/.ssh touch config vim config # you can use nano if really prefer ;-)
# Put the following content in your config file: # GitHub SuperITMan Host github.com HostName github.com User git IdentityFile ~/.ssh/id_rsa_github_superitman IdentitiesOnly yes # GitHub company (this one is currently only for demo) Host github.com-company HostName github.com User git IdentityFile ~/.ssh/id_rsa_github_company IdentitiesOnly yes # BitBucket SuperITMan Host bitbucket.org HostName bitbucket.org User git IdentityFile ~/.ssh/id_rsa_bitbucket_superitman IdentitiesOnly yes
# Now it's time for saving the config file and play a bit with your secured repos cd /c/dev # Let's clone from GitHub as SuperITMan git clone email@example.com:SuperITMan/demo.git # Let's clone from GitHub as company git clone firstname.lastname@example.org:company/demo.git demo-company # Let's clone from BitBucket as SuperITMan git clone email@example.com:SuperITMan/demo.git demo-bitbucket
With this method, everytime you’ll do git clone / git pull / git push / … you’ll have to type your passphrase but that will be awesome for you to use 😊
Enjoy your new git/ssh configuration.
Have a nice one.