Working with multiples SSH keys

multiple_ssh_setting.md

Working with multiple SSH keys

Step 1. Ensure you have an SSH client installed

ssh -V
ls -a ~/.ssh 

Step 2. Set up your identity

You can create a default identity

$ ssh-keygen 
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/username/.ssh/id_rsa):
----
Enter passphrase (empty for no passphrase):

You can create multiple SSH identities with this three ssh- commands:

SSh Command	Purpose
ssh-keygen	Create keys pairs
ssh-agent	Agent for proving keys to remote servers. The agent holds loaded keys in memory
ass-add	Loads a private key into the agent

Create multiple identities

ssh-keygen -t rsa -f ~/.ssh/personalid -C "personalid"

'-t' force pseudo-terminal allocation.
'-f' requests ssh to go to background just before command execution.
'-C' requests compression of all data.

$ ssh-keygen -t rsa -f ~/.ssh/personalid -C "personalid"
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /Users/username/.ssh/personalid.
Your public key has been saved in /Users/username/.ssh/personalid.pub.
The key fingerprint is:
7a:9c:b2:9c:8e:4e:f4:af:de:70:77:b9:52:fd:44:97 personalid
The key's randomart image is:
+--[ RSA 2048]----+
|         |
|         |
|        .|
|        Eo|
|  .  S  . ..|
|  . . o . ... .|
|  . = = ..o o |
|  . o X ... . .|
|  .ooB.o ..  |
+-----------------+

Create a SSH config file

When you have multiple identity files, creating a SSH config file allows you to create aliases for your various identities. The format for the alias entries used is:

Host alias 
HostName github.org 
IdentityFile ~/.ssh/identity

1. Edit the ~/.ssh/config file
2. Add an alias for each identity combination

Host github-workid
 HostName github.org
 IdentityFile ~/.ssh/workid

Host bitbucket-personalid
 HostName bitbucket.org
 IdentityFile ~/.ssh/personalid

Host github-personalid
 HostName github.com
 IdentityFile ~/.ssh/personalid

Load each key into appropiate Host account

Copy your specific public key (.pub)

cat ~/.ssh/id_rsa.pub

pbcopy < ~/.ssh/id_rsa.pub

Step 3. ssh-agent

Ensure the ssh-agent is running and loaded with your keys

1. Check if the process is already running:

ps | grep ssh-agent
----
$ ps | grep ssh-agent
4013 ttys001    0:00.00 grep ssh-agent

• If not run ssh-agent.
• If there is more than 1 process running use kill PID command to stop each of them. Then restart a single instance.

2. List the currently loaded keys:

ssh-add -l

3. If necessary, add your new key to the list:

ssh-add -K ~/.ssh/personalid
----
$ ssh-add ~/.ssh/personalid
Enter passphrase for /Users/username/.ssh/personalid:
Identity added: /Users/username/.ssh/personalid

4. List the keys again to verify the add was successful:

ssh-add -l

5. Adds keys automatically If for any reason your keys are not re-added automatically to the ssh-agent after a reboot, follow this post: https://github.com/jirsbek/SSH-keys-in-macOS-Sierra-keychain

Solution

Apple updated its Technical Notes to indicate that since 10.12.2, macOS includes version 7.3p1 of OpenSSH and its new behaviors.

In ~/.ssh create config file with the following content:

Host * (asterisk for all hosts or add specific host)
  AddKeysToAgent yes
  UseKeychain yes
  IdentityFile <key> (e.g. ~/.ssh/userKey)

Step 4. Repositories

Clone git repository

1. Using the default key: git clone [email protected]:username/project.git
2. Using a specific key: git clone git@personalid:username/project.git (git@personalid:iarroyo5/project.git)

Step 5. known_hosts

Remove entries from known_hosts:

ssh-keygen -R hostname