In order to use git
over ssh
, you need ssh keys. When you want to use multiple keys for different domains, you have to know where and how to configure it. I always forget where this configuration file is stored, so here I make a short note about it. Just edit ~/.ssh/config
, e.g.:
vim ~/.ssh/config
Then put there something like:
Host github.com
HostName github.com
IdentityFile ~/.ssh/id_rsa_github
Host gitlab.com
HostName gitlab.com
IdentityFile ~/.ssh/id_rsa_gitlab
Et violà!
Source: https://superuser.com/a/232406/950943
Edit: Troubleshooting: On AWS' EC2 machines you may get an Bad owner or permissions on /home/ec2-user/.ssh/config
error when trying to clone a repository, e.g.:
[ec2-user@ip-my-ip ~]$ git clone git@gitlab.com:mikbuch/my-repo-name.git
Cloning into 'my-repo-name'...
Bad owner or permissions on /home/ec2-user/.ssh/config
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
You have to make sure that you have 400
permission on your ~/.ssh/config
file, i.e.:
[ec2-user@ip-my-ip ~]$ ls -la ~/.ssh/
total 12
drwx------ 2 ec2-user ec2-user 73 Dec 29 19:51 .
drwx------ 7 ec2-user ec2-user 175 Dec 29 19:52 ..
-r-------- 1 ec2-user ec2-user 1831 Dec 29 19:50 my-deployment-key.pem
-rw------- 1 ec2-user ec2-user 957 Dec 20 20:25 authorized_keys
-rw-rw-r-- 1 ec2-user ec2-user 81 Dec 29 19:51 config
Use the following command to change the permissions:
[ec2-user@ip-my-ip ~]$ chmod 400 ~/.ssh/config
See the result:
[ec2-user@ip-my-ip ~]$ ls -la ~/.ssh/
total 16
drwx------ 2 ec2-user ec2-user 92 Dec 29 19:53 .
drwx------ 8 ec2-user ec2-user 196 Dec 29 19:53 ..
-r-------- 1 ec2-user ec2-user 1831 Dec 29 19:50 my-deployment-key.pem
-rw------- 1 ec2-user ec2-user 957 Dec 20 20:25 authorized_keys
-r-------- 1 ec2-user ec2-user 81 Dec 29 19:51 config
-rw-r--r-- 1 ec2-user ec2-user 207 Dec 29 19:53 known_hosts
Now the clonning should work:
[ec2-user@ip-my-ip ~]$ git clone git@gitlab.com:mikbuch/my-repo-name.git
Cloning into 'my-repo-name'...
The authenticity of host 'gitlab.com (2606:4700:90:0:f22e:fbec:5bed:a9b9)' can't be established.
ECDSA key fingerprint is SHA256:HbW3g8zUjNSksFbqTiUWPWg2Bq1x8xdGUrliXFzSnUw.
ECDSA key fingerprint is MD5:f1:d0:fb:46:73:7a:70:92:5a:ab:5d:ef:43:e2:1c:35.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'gitlab.com,2606:4700:90:0:f22e:fbec:5bed:a9b9' (ECDSA) to the list of known hosts.
remote: Enumerating objects: 287, done.
remote: Counting objects: 100% (206/206), done.
remote: Compressing objects: 100% (169/169), done.
remote: Total 287 (delta 37), reused 200 (delta 36), pack-reused 81
Receiving objects: 100% (287/287), 1.25 MiB | 3.19 MiB/s, done.
Resolving deltas: 100% (64/64), done.
Top comments (4)
I had to solve using 2 GitHub accounts via ssh from the same machine... Maybe I should post about it
Nice one! I'd love to see a post like that.
Git account management on the same machine is even trickier than key management :/
I don't know if identity by destination host is a good reason for multiple keys.
Those seem more reasonable. But still not sure.
Yes, you are generally right, as far as we are concerned only the personal keys. What I had in mind was more of a case where you have, e.g., "deploy keys" like for different CI/CD pipelines, using GitLab, Jenkins, GitHub, etc. -- then in some sense you can be forced to use (and manage) different keys.
If I get you comment right, of course. Anyways, it all depends on particular use-case, I guess.
Thanks for the comment! :)