GitHub SSH Key Setup

This guide covers the complete process of setting up SSH authentication for GitHub access.

Overview

SSH keys provide a secure way to authenticate with GitHub without entering credentials repeatedly. We use ED25519 keys for better security and performance.

SSH Key Generation

Generate ED25519 Key Pair

ssh-keygen -t ed25519 -C "donnyaw@gmail.com" -f /home/rezriz/.ssh/github/id_ed25519 -N ""

Parameters:

-t ed25519: Use ED25519 algorithm (more secure than RSA)
-C "donnyaw@gmail.com": Add email as comment
-f /home/rezriz/.ssh/github/id_ed25519: Specify output file path
-N "": No passphrase (empty string)

Set Proper Permissions

chmod 600 /home/rezriz/.ssh/github/id_ed25519
chmod 644 /home/rezriz/.ssh/github/id_ed25519.pub

Verify Key Generation

# List generated keys
ls -la /home/rezriz/.ssh/github/

# Display public key fingerprint
ssh-keygen -l -f /home/rezriz/.ssh/github/id_ed25519

# Show public key content
cat /home/rezriz/.ssh/github/id_ed25519.pub

Expected Output:

ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDdvNA6rT7W0o7RM52EejS+TybePe4zFyUhZ468X4NxL donnyaw@gmail.com

SSH Configuration

Configure SSH Client

Create or edit ~/.ssh/config:

Host github.com
    HostName github.com
    User git
    IdentityFile /home/rezriz/.ssh/github/id_ed25519
    IdentitiesOnly yes

Configuration Details:

Host github.com: Specifies this config applies to github.com
User git: Always use 'git' user for GitHub
IdentityFile: Path to private key
IdentitiesOnly yes: Only use specified identity file

Add Public Key to GitHub

Display Your Public Key

cat /home/rezriz/.ssh/github/id_ed25519.pub

Add to GitHub Account

Copy the entire public key output
Go to GitHub → Settings → SSH and GPG keys
Click "New SSH key"
Title: "VPS Server" (or your preferred name)
Paste the public key
Click "Add SSH key"

Test Connection

Basic Connection Test

ssh -T git@github.com

Expected Response:

Hi donnyaw! You've successfully authenticated, but GitHub does not provide shell access.

Verbose Connection Test

ssh -v -T git@github.com 2>&1 | grep -A 5 "Offering public key"

Test with Specific Key

ssh -i /home/rezriz/.ssh/github/id_ed25519 -o StrictHostKeyChecking=no -T git@github.com 2>&1

Troubleshooting

Verify SSH Agent

# Check if key is offered
ssh -vT git@github.com 2>&1 | grep "Offering"

Check Key Permissions

# Private key should be 600
ls -la /home/rezriz/.ssh/github/id_ed25519

# Public key should be 644
ls -la /home/rezriz/.ssh/github/id_ed25519.pub

Legacy Keys Cleanup

If you have old RSA keys:

# Remove old RSA keys
rm /home/rezriz/.ssh/github/id_rsa /home/rezriz/.ssh/github/id_rsa.pub

# Verify only ED25519 keys remain
ls -la /home/rezriz/.ssh/github/

Key Files Location

~/.ssh/github/
 id_ed25519          # Private key (600 permissions)
 id_ed25519.pub      # Public key (644 permissions)

Security Best Practices

Never share your private key (id_ed25519)
Only share the public key (id_ed25519.pub)
Keep backup of your private key in a secure location
Use different keys for different servers/environments
Rotate keys periodically for better security

# Test connection without host key checking
ssh -T git@github.com -o StrictHostKeyChecking=no

# Find all github-related SSH files
find ~/.ssh -name "*github*" -type f

# Check SSH configuration
cat ~/.ssh/config | grep -A 5 "github"

Overview​

SSH Key Generation​

Generate ED25519 Key Pair​

Set Proper Permissions​

Verify Key Generation​

SSH Configuration​

Configure SSH Client​

Add Public Key to GitHub​

Display Your Public Key​

Add to GitHub Account​

Test Connection​

Basic Connection Test​

Verbose Connection Test​

Test with Specific Key​

Troubleshooting​

Verify SSH Agent​

Check Key Permissions​

Legacy Keys Cleanup​

Key Files Location​

Security Best Practices​

Related Commands​