Using SSH Key based authentication — Remote machines and GitHub
Usernames and passwords work for a small home environment, but if you’re handling multiple VM’s (or if you want to seamlessly code in an IDE like VS Code and push your changes to GitHub) you need to be able to create and manage multiple SSH keys on your system.
There are good posts online about creating an SSH key to use for SSH’ing into a single remote machine, but it starts to get a slightly more complicated when trying to handle multiple SSH keys as you have to give each one a unique name.
So, let’s go over creating and managing SSH keys for multiple VM’s. After that, we’ll go over creating and managing SSH keys on GitHub.
Creating and managing SSH keys for multiple machines
Creating a single SSH key for accessing a remote machine is straightforward, but we want to be able to create and use multiple different SSH keys. That requires us to name them uniquely.
To make a uniquely named SSH key, first change your directory and create the SSH key:
cd ~/.ssh
ssh-keygen -t ed25519When it ask’s where to save the key, you want to save it in your .ssh directory. If you wanted to save it as the default id_ed25519 file, that would work for one machine, but if you want to use multiple keys, you need to give it a unique name.
For example (if my user was named jonezy) I would enter:
/home/jonezy/.ssh/id_ed25519_Remote1Remote 1 can be any identifier you want to use for the remote machine
You can add a password or if you would rather not you can just press Enter twice for no password.
Add SSH key to the ssh-agent
Start the ssh agent in the background:
eval "$(ssh-agent -s)"Now you want to edit the config file. If you don’t have one yet, don’t worry, this will create it.
vim configAdd the following to your config file:
Host <remote IP>
AddKeysToAgent yes
IgnoreUnknown UseKeychain
UseKeychain yes
IdentitiesOnly yes
IdentityFile ~/.ssh/id_ed25519_Remote1Save and quit by typing ESC followed by :wq! and Enter
You may need to comment out line 4 by inserting a # at the start of the line. I find on some machines I need that line and on others I don’t. Run the next command as is and if you get an error about line 4 go ahead and comment it out.
Send the generated public key to your remote1 machine:
ssh-copy-id -i ~/.ssh/id_ed25519_Remote1 user@remote1Now attempt to ssh into your remote machine. If it doesn’t ask you for a password, it worked!
Disable password based authentication
Once SSH’d into your remote machine, it is best practice to disable password ssh authentication.
vim /etc/ssh/sshd_configChange PasswordAuthentication from yes to no.
Restart ssh:
sudo systemctl restart sshdTo do this for a second machine, repeat the steps above but change the filename of the ssh key and ssh-copy the public key to the second remote machine.
Creating SSH keys for GitHub
If you want to edit a private repository on GitHub, you need to use SSH authentication with GitHub. I personally use this for my homelab development, as I don’t want all of my config’s out for everyone to see.
First, we have to configure some basic information:
git config --global user.name "YOUR_GITHUB_USERNAME"
git config --global user.email "YOUR_GITHUB_EMAIL"Now, we need to create our SSH key:
ssh keygen -t ed25519 -C "YOUR_GITHUB_EMAIL"Name it something like:
/home/jonezy/.ssh/id_ed25519_GithubEnter twice to not set a password
Add SSH key to SSH Agent:
eval "$(ssh-agent -s)"vim ~/.ssh/configPlace this into the end of your ssh config file:
Host *
AddKeysToAgent yes
IgnoreUnknown UseKeychain
UseKeychain yes
IdentityFile ~/.ssh/id_ed25519_GithubType ESC and :wq! to save
You may need to comment out line 4 by inserting a # at the start of the line. I find on some machines I need that line and on others I don’t. Run the next command as is and if you get an error about line 4 go ahead and comment it out.
Now run:
ssh-add ~/.ssh/id_ed25519_GithubAdd public key to Github
On your machine where you created the SSH key:
cat ~/.ssh/id_ed25519_Github.pubCopy the output to your clipboard
Navigate to Github GPG and SSH Keys
Create a new SSH key, give it a descriptive name, and paste the contents from your clipboard as the key.
To test, run:
ssh -T git@github.comYou should now be able to use a private GitHub repo! If you decide to use Remote SSH in VSCode or another IDE, repeat the steps above when SSH’d into the remote machine to connect to your github on the remote machine.
