Manage Keys with ssh-agent and Add SSH Configuration

Ryan Harris
InstructorRyan Harris

Share this video with your friends

Send Tweet
Published 2 years ago
Updated 2 years ago

In this lesson, we have two local SSH keys: one associated with our personal GitHub account, the other with our work account.

To more easily manage them, we will use ssh-add to add our keys to our system's key manager ssh-agent. Then, we will create a SSH configuration file, which will determine what key to use when connecting to GitHub based upon the URL.

Once we have set up our configuration file, we can test our connections using ssh -T and clone repositories with git clone.

Commands we will be using in the lesson:

  • ls
  • ssh-add
  • touch
  • ssh
  • git clone

Ryan Harris: [0:00] Here in our SSH directory, if we ls -l to list out all of the files inside, we can see that we've already set up two SSH keys, our personal and our work. To easily manage these on our system, we can use a tool called SSH agent, which is like a CLI password manager for keys.

[0:19] The first thing we'll do is we'll run ssh-add id_rsa_personal, hit Enter. You can see we've now added an identity to the SSH agent. Now, if we run ssh-add id_rsa_work and hit Enter, we'll add a new identity for our work key.

[0:40] To confirm that both of the keys have been added to the SSH agent properly, we can run the command ssh-add -l. You can see here we're managing two different keys.

[0:52] Now that we're managing both of these keys with the SSH agent, we'll want to create a SSH configuration file for our system by running touch config. This file will tell SSH agent which key to use when interacting with GitHub, so let's open it with vim by running vim config.

[1:12] Then, we can hit i to enter INSERT mode, and I'm going to paste in my configuration for my personal account. What you see here is a host block that determines what options we're going to use when interacting with this SSH remote server. When we push, pull, or clone repos from github-personal, we'll automatically use our personal SSH key as specified here.

[1:38] Let's do the same thing for our work account. I'm going to paste another host block here. As you can see here, the main difference is that we've changed the remote URL and added -work instead of -personal. Instead of using our personal SSH key, we've defined that we want to use our work SSH key.

[1:56] We'll hit Esc :wq and then Enter to write the file and quit. Let's confirm that our connections are working using our SSH keys and configuration by running ssh -T, and we'll say yes.

[2:15] As you can see, we've successfully authenticated with this username. We can do the same thing for our work account ssh -T, and again, we've authenticated, but this time with our other username.

[2:30] Let's see this in action by cloning this personal-repo over here. First, we'll copy the git URL, come into our terminal and type git clone, and we'll paste that URL. However, before we hit Enter, we need to update this host by typing -personal. This is what tells our SSH configuration that we want to use our personal key. If we hit Enter, you can see that we've successfully cloned the repo.

[2:54] We can also do the same thing with this work-repo that's in my other account. Again, we'll copy the git URL, come back into our terminal, type git clone, paste the URL, but this time we'll add -work, so that we use our work key since this is our work account. Then, we'll hit Enter. You can see we've again cloned successfully using our other SSH key.

[3:20] If we ls -l, you can see we have both our personal-repo and our work-repo.