Setting Up SSH Keys for GitHub

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
If you've been using GitHub for a while you  might have noticed that using your username   and password to make commits and pushing to  repo no longer works. This is because as of   August 13, 2021 GitHub no longer accepts  password authentication for operations.   There are actually a few good reasons for  doing this such as the dangers of having   passwords being reused from multiple  websites. So you might be thinking,   "What does GitHub want me to use instead?"  The answer is token-based authentication.   There are a few different options like SSH  keys personal access keys and using OAuth.   SSH keys are arguably the easiest to implement,  so we'll focus today on using this method.   We should probably talk about what's so great  about SSH keys. The main reason is security. GitHub doesn't need your username and  password each time when using SSH keys   essentially each key uniquely identifies  your computer and after initial setup GitHub   can trust that this computer can do operations.  The key is sort of like a government issued ID;   there's a bit of an initial work  to get your identification card   but after that everyone who sees your ID  just assumes you are who you say you are. Another nice thing about using SSH keys  is that you can revoke a specific key.   Since you set up a key for each computer or  machine you use by provoking a specific key   you can make sure a compromised computer,  like a stolen one, won't impersonate you. And lastly, GitHub will actually remove your  inactive SSH keys after a year. This is a   great default for when you switch computers and  never got around to manually revoking that key. Alright, now that we have a little  bit more background let's go ahead   and show how to create and use SSH keys. Assuming you haven't made any SSH keys before  the first step will be to generate a key.   We'll need to open up a terminal on  our computer, similar to this one.   We'll then need to enter the  command ssh-keygen -t ed25519   -C (capital C) with our email. In this case,  I'm just calling it temp@example.com since it   doesn't really matter, but you would put your own  email that you would have for your GitHub profile. Note that this ssh-keygen is saying  how we're going to generate the key.   This -t and then the ed25519 is the  type of encryption we use for that key.   Note that if you have an older computer or your  computer is not compatible with this encryption,   you can instead use RSA. There's more details in  the GitHub documentation link in the description   box. And then finally we have -c here which  is basically just saying okay here's the email   associated with that key, which is why you  put your own email and not temp@example.com. When I run this, this generates a new SSH key that  we can now use. You will be given this prompt,   asking you where you want to save your key.  You can simply press ENTER to use the default   location. You'll now also be prompted to type  a secure passphrase. This is optional and you   can skip it by pressing ENTER. But if you want  the extra security, you should enter it now. If you do use a passphrase, you can have your  Mac or Windows system save it in the keychain   so you don't have to retype it every single  time. Maybe we can go over that in the future   but for now press ENTER to skip this passphrase. Now that you have the key generated, we need to  make sure a computer's SSH agent knows about it. You can sort of think of the agent as your  wallet to hold your different SSH keys.   We can start up the SSH agent by typing  out eval and then quotes (double quotes),   dollar sign, parentheses, ssh-agent,  space -s, and parentheses, and quotes. Note this is just going to start up our SSH  agent. Note that your system might be a little   different. So if that command didn't quite  work, definitely check out GitHub's guide. Now we can add our private key to the SSH agent.  Think of it as putting our ID into our wallet.   If you have a Mac, you might need to see if this  file already exists the file is from ~/.ssh/config If this file does exist already, we can just  go ahead and open it. But in this case, this   says the file doesn't exist so we'll go ahead and  create that by simply just typing touch and then   the name of the file. In this case, again that ~  (that says it's the home directory) .ssh/config.   Now that the file is there, we can go ahead  and edit it. i'll go ahead and use vim here. Note that since we created this file  and because it didn't exist before,   it's completely blank. So we'll go ahead  and enter this information from scratch.   To add our private key to the SSH agent,  we'll go ahead and type the following: We'll say Host *, and then  AddKeysToAgent yes, and then the name of   the file (basically our key here). So that's  going to be our IdentityFile ~/.ssh/id_ed25519.   And again you might have something slightly  different if you had a different process,   but this file would actually exist inside  the .ssh folder (assuming of course a Mac). Note that this last bit here is actually  generated when we created the key.   If we use the passphrase and want it to be  stored so we don't have to type it every time,   we can use Mac's keychain by adding the  following line: which is UseKeychain   yes. Note if you're on Windows you shouldn't  have to create or populate the file. But since   we're not using a passphrase, I'm going to delete  this line. And we'll go ahead and save this file. And the last part is just simply running ssh-add   and then the name of that file, which in that case  is the .ssh/id_ed25519. Awesome! Looks like this   worked! So the next step is to tell GitHub about  our SSH key that's being used by our computer. So we'll go ahead and switch gears away from  our terminal and go into a browser and open up   github.com. While logged into our GitHub account,  we'll go ahead and navigate to the settings.   Then we'll go ahead and scroll down and look on  the sidebar here until we find "SSH and GGP Keys". We'll click on that and we'll see that  we'll have a new area called SSH keys.   We'll go ahead and click on "New SSH Key". On this page, you'll see that there's a title,   and a key, and something explained to  what we're going to put in this box.  The title is just for us, basically just  telling us what kind of SSH key we're using.  And the key is going to actually come from the  file that we generated when creating our key.  So let's go ahead and open up that file. Now that we're in the terminal, I'll go ahead and  use the cat command to read out the contents of   the file. And the file name is the ~/.ssh (that's  where the folder is) and then the file name is id   and then the encryption name [stumbles over  words] the encryption type we use, ed25519, .pub. The .pub is the important part  representing the public key.   I'll go ahead and copy these contents here.  And remember that this is just what's inside   the file so you could have opened this  up in a text editor if you wanted to.  And then we'll go back to our browser.  We'll go ahead and paste the contents   of that file under the key. And then we'll  give it a meaningful name. In this case,   I'll just call this "Tutorial Key" since  I'm not going to be keeping this key around.  Then we can just simply "Add SSH Key" and  you'll likely be asked for your password. And that's it! In theory you should be all set,  but let's go ahead and test and see if it worked.  We'll go back to a terminal and  simply enter SSH - T git@github.com This is basically just going to say, "Hey,   I'm going to use my SSH key  to try to access github.com". GitHub kind of has this as a practice to make  sure that your connection actually works.  You may get a warning something  like this since this is the first   time we've actually connected. We'll go ahead and say "yes". Then we should see a success right here you  can see "You've successfully authenticated,   but GitHub does not support show access." And that's what we expected we just wanted   to check that our ssh key worked. And  in this case, it looks like it did work!  So now we can go ahead and use that when we use  our clones or pushes and all that good stuff.  Let's go ahead and show you what  you would need to do to do this. Let's go ahead and show how we can use  our SSH key to do something like a clone.  We'll go ahead and go to a repo here (in this  case it's one of my own repos), and I'll go   ahead and click on this code part which is what  you normally would use to find your URL to clone.  But you'll see that there's  an HTTPS, SSH, and GitHub CLI.  We're not going to use CLI right now, and HTTPS  is what we used to use. We're going to use SSH. And you can see here, this part right  here is a little bit different and   you can see the very beginning has git@github.com  versus the HTTPS in the front here.  So we'll go ahead and copy this. And then in  our terminal we'll go ahead and paste that link. And in our terminal, we'll  go ahead and go do git clone   and then paste that link. And you can  see here, it clones this. At this point,   your repo that you've cloned onto your local  machine will now know to use the SSH key.  Note that if you are using a repo that was  using an HTTPS key before instead of an SSH,   you'll have to make sure your remote points to  something like git@github.com versus the HTTPS. So if I were to go ahead and cd into  this, I'll go ahead into "lesson-git...".  If i do get remote -v, you can see  here the origin. And this is the URL.  Note again if you did remote on your previous  repo you would have to update the remote.   And there you go; that's it!  We went through the main steps  of getting SSH keys working.  There's more tweaking customizing you can  do, but I hope this is a good helpful start. Best of luck! And until next time, happy coding!
Info
Channel: Victor Geislinger
Views: 726
Rating: undefined out of 5
Keywords: lesson, lecture, programming, education, learning, git, github, ssh, keys, password, setup, tutorial, keygen, https, authentication, broken, error, rsa, ed25519, encryption, elliptic curves, protect, safe, warning, clone, config, configure, command line, terminal
Id: 8X4u9sca3Io
Channel Id: undefined
Length: 10min 42sec (642 seconds)
Published: Wed Oct 27 2021
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.