If you’ reading about multiple SSH keys, I can reasonably assume you already have an ssh key pair that you’ve been using to login to remote servers. It’s probably called something like:
Existing SSH Keys
That is, your existing private key is inside the
.ssh folder of your home folder with the private key being called
id_rsa and the public key being called
id_rsa.pub. Do not get these two mixed up!
Let’s create a new SSH key pair by opening the Terminal and using the command:
Creating New SSH Key Pair
ssh-keygen -t rsa -b 4096 -C "email@example.com"
When prompted with the option to give your key a name, call it something memorable.And now you have another key in your .ssh folder. Note: when prompted to name your new key make sure you give it full path of your .ssh folder and not just the name, like so:
New SSH Key Location
We can use an inbuilt feature of the SSH implementation called the ssh-agent to manipulate and use your SSH keys.
First let’s list any existing keys with:
That’s purely for your information. I recommend you delete your keys from the agent and start again with:
Now that there are no keys cached for later use we can re-add only the keys we intend to use regularly. Add the key you use most first!
Add the keys with:
ssh-add -K ~/.ssh/id_rsa
ssh-add -K ~/.ssh/second_id_rsa
-K flag in the above command tells the ssh-agent to store the keys in the keychain.
Keys added, we finally run a quick command to list our keys just to make sure they are there with:
Which should respond with something that looks like this:
4096 SHA256:OZQNwcH6XWjbELaCNy2+uRUOdTHlEwMpC1McYrccpmG /Users/you/.ssh/id_rsa 4096 SHA256:E9cbZEQPTeVPaWjssZK1yjwdUmFQUhEmYlE34XylY8B /Users/you/.ssh/second_id_rsa
Load keys at launch
This is a reasonably hacky solution, but to make sure your keys are loaded every time you open the terminal add the following lines to either your .bash_profile or .zshrc or other shell configuration file of your choice. Open your chosen shell profile in an editor:
Add the following near the bottom:
# SSH Agent Stuff ssh-add -K ~/.ssh/id_rsa ssh-add -K ~/.ssh/second_id_rsa
We now need to make some small changes to the ssh config file so that it knows which keys to use. Edit ssh config (if you don’t have this file, create it):
Add the following contents (obviously changing it to suit your needs):
Host * UseKeychain yes AddKeysToAgent yes # First Host first HostName github.com User git PreferredAuthentications publickey IdentityFile ~/.ssh/id_rsa IdentitiesOnly yes # Second Host second HostName github.com User git PreferredAuthentications publickey IdentityFile ~/.ssh/second_id_rsa IdentitiesOnly yes
Now, when you clone any repository the normal command of:
For any existing repositories you might have, navigate to them in the terminal and edit the repository specific config file with:
Then edit the file so it looks something like the following. Note: there will be other things in the file but the pertinent lines are the
[remote "origin"] url = git@first:your_github_username/first_repo.git fetch = +refs/heads/*:refs/remotes/origin/* [user] name = your_github_username email = firstname.lastname@example.org
You should then be able to push and full to all of your repositories and have SSH use the correct key pair. Hit me up if you have any problems.