ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
This creates a new SSH key, using the provided email as a label.
Generating public/private rsa key pair.
When you're prompted to "Enter a file in which to save the key," press Enter. This accepts the default file location.
Enter a file in which to save the key (/Users/you/.ssh/id_rsa): [Press enter]
At the prompt, type a secure passphrase. For more information, see "Working with SSH key passphrases".
Before adding a new SSH key to the ssh-agent to manage your keys, you should have checked for existing SSH keys and generated a new SSH key. When adding your SSH key to the agent, use the default macOS ssh-add command, and not an application installed by MacPorts, Homebrew, or some other external source.
Start the ssh-agent in the background.
eval "$(ssh-agent -s)"
Agent pid 59566
If you're using macOS Sierra 10.12.2 or later, you will need to modify your ~/.ssh/config file to automatically load keys into the ssh-agent and store passphrases in your keychain.
Host *
    AddKeysToAgent yes
    UseKeychain yes
    IdentityFile ~/.ssh/id_rsa
Add your SSH private key to the ssh-agent and store your passphrase in the keychain. If you created your key with a different name, or if you are adding an existing key that has a different name, replace id_rsa in the command with the name of your private key file.
ssh-add -K ~/.ssh/id_rsa
Note: This command doesn't add any keys to the keychain if your SSH key wasn't created with a passphrase when you generated it with the ssh-keygen command.
Note: The -K option is Apple's standard version of ssh-add, which stores the passphrase in your keychain for you when you add an ssh key to the ssh-agent. If you don't have Apple's standard version installed, you may receive an error. For more information on resolving this error, see "Error: ssh-add: illegal option -- K."
We need a way to specify when we wish to push to our personal account, and when we should instead push to our company account. To do so, let's create a config file.
# Default GitHub
Host home
    AddKeysToAgent yes
    UseKeychain yes
    HostName github.com
    IdentityFile ~/.ssh/home
This is the default setup for pushing to our personal GitHub account. Notice that we're able to attach an identity file to the host. Let's add another one for the company account. Directly below the code above, add:
Host work
    AddKeysToAgent yes
    UseKeychain yes
    HostName github.com
    IdentityFile ~/.ssh/work
This time, rather than setting the host to github.com, we've named it work. To add the remote URL for home, we use the following notation: git remote add origin git@github.com:user/repo.git. For work, we use git remote add origin git@work:user/repo.git. The difference between them is that the first uses the default host name, github.com, while the second uses the name of the key, which is also the Host entry in our config, in our case work.
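To check which key ssh will pick for the name used in a remote URL, the following added example (not part of the original page) writes a constructed config modelled on the home and work blocks to a temporary file and queries it with ssh -G, which prints the effective configuration without connecting. The trailing Host * block, the IgnoreUnknown line and the function names are assumptions of this example.

```shell
#!/bin/sh
# Added example: show which HostName and IdentityFile ssh resolves for each name
# that can appear in a remote URL. `ssh -G` prints the effective configuration
# without opening a connection.

# Write a constructed config, modelled on the page's home/work blocks, to file $1.
write_sample_config() {
    cat > "$1" <<'EOF'
# UseKeychain is Apple-specific; IgnoreUnknown lets other OpenSSH builds parse it.
IgnoreUnknown UseKeychain

Host home
    HostName github.com
    AddKeysToAgent yes
    UseKeychain yes
    IdentityFile ~/.ssh/home

Host work
    HostName github.com
    AddKeysToAgent yes
    UseKeychain yes
    IdentityFile ~/.ssh/work

# Assumed fallback block, in the style of the earlier Host * example.
Host *
    IdentityFile ~/.ssh/id_rsa
EOF
}

# resolve CONFIG NAME KEY: print the first value of KEY that ssh computes for NAME.
resolve() {
    ssh -G -F "$1" "$2" 2>/dev/null | awk -v k="$3" '$1 == k { print $2; exit }'
}

# Print one row per name: name, resolved hostname, first identity file offered.
show_names() {
    cfg=$(mktemp) || return 1
    write_sample_config "$cfg"
    for name in home work github.com; do
        printf '%-12s %-12s %s\n' "$name" \
            "$(resolve "$cfg" "$name" hostname)" \
            "$(resolve "$cfg" "$name" identityfile)"
    done
    rm -f "$cfg"
}

show_names
```

ssh matches Host patterns against the name written in the remote URL, so in this sample a git@github.com: remote falls through to Host * and ~/.ssh/id_rsa, while git@home: and git@work: select their own keys.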
To connect to a host without authorized_keys, you can skip the keys altogether with:
ssh -o PubkeyAuthentication=no other.example.com