Access git remote with SSH

| git

When I started working I found it challenging to work on my personal projects and the work projects on the same machine. At that time I saved my authentication data in the .git-cretendials file, and I didn’t know how to handle different credentials for different projects.

After some researches I found out that you can access your projects with a SSH key!

But, what does that mean?
At the beginning of my love-story with git, I learned that to work with a remote server I had to use a private password or key. For each push or pull, or more in general, for each command that had to interact with remote, I had to write the passowrd. Or better, I could save it somewere, ready to be used by git.

With the SSH approach, you will not use a password, or at least, you will not use a password like you are used to. You will use a pair of SSH keys, one public and one private, to authenticate with the remote server, like GitHub or GitLab. Keeping the private half on your machine and installing the public half on the remote server.
This is how the authentication works:

  1. Before setting up an SSH connection, the SSH client needs to generate its own public-private key pair and store its public key on the remote server.

  2. The SSH client sends a login request to the remote server.

  3. The remote server searches for the client public key based on information such as the username in the request, encrypts a random number using the public key, and sends the encrypted random number to the client.

  4. Upon receipt, the SSH client uses its own private key to decrypt the returned information before sending the decrypted information to the remote server.

  5. The remote server checks whether the decrypted information sent by the SSH client is correct; if the information is correct, authentication is successful. ssh_key_cycle

There was another change that I had to make, given that I don’t use the same name and email for all my projects I removed them from the global git configuration (~/.gitconfig). Instead of setting this data globally, as git suggests, I set them locally for each project: git config "<Name>". For my private project I use my email, and for work-related projects I use the work email.

How to create a ssh key

To create the SSH keys, you can run the following command

$ ssh-keygen -t ed25519 -C "<email>"

The command will ask if you want to set a password for the key, omitting it will allow you to use the key without entering the password each time you use it.

The command will generate the keys in the current directory, so, I suggest executing it in the ~/.ssh/ directory. This directory is used to configure all the SSH-related stuff.

The command will generate two keys, one private and one public (.pub). The private key must remain private and must not be shared or used with more than one device, for security reasons. The public key must be shared with all the services that you want to interact with, in this case GitHub or GitLab.

To make use of these keys easier, we can write a configuration file, named config, in the ~/.ssh/ directory.

This is an example of my configuration file

Host git-personal # name chosen by me
    User git
    IdentityFile ~/.ssh/git_personal # private ssh-key

Host git-work # name chosen by me
    User git
    IdentityFile ~/.ssh/git_work # private ssh-key

To use one key, you can digit the name you choose as Host.

For example, to clone my own dotfiles I would write

$ git clone git-personal:Klodii/dotfiles.git

Of course, I already associated my public key with my GitHub account; otherwise, I would have gotten an error.