As of August 13, 2021 GitHub will stop supporting username-password authentication as a means of checking files into their repository. Reading from a github repository doesn't require logging in (e.g., "git clone") so that will continue to work, but support for writing back to github without a more secure authentication method will end.

This page contains notes on how I set up SSH keys to push and pull from my account on github. It's generally recommended that you read and follow their more extensive documentation (see the first bold link below) about how to set up either "personal access tokens" or SSH keys. These are my notes about how I did set up access using SSH keys; I learned how from the github documentation.

A Typical Edit Session#

  1. make some changes to files within a git project directory
  2. view the status of files with git status, maybe adding additional files with git add filename, or just add all updated files with git add -u
  3. commit the changes with git commit -m 'message describing the changes'
  4. push the changes to the repository with git push

If on that last step github asks your for username and password, that will stop working this coming August. You'll need to either use access tokens (e.g., OAuth) or SSH keys.

Steps to Configuring SSH Keys#

Generating a New SSH Key#

Generate an SSH key using the Ed25519 algorithm:

$ ssh-keygen -t ed25519 -C "your_email@example.com"
This creates a new ssh key named "id_ed25519", located in the ~/.ssh/ directory), using the provided email as a label.

When you're prompted to "Enter a file in which to save the key," press Enter. This accepts the default file location.

At the prompt, type a secure passphrase. For more information, see "Working with SSH key passphrases".

Adding the SSH Key to the ssh-agent#

Start the ssh-agent in the background.

If you're using bash shell:

$ eval "$(ssh-agent -s)"
Agent pid 59566
or csh/tcsh:
% eval `ssh-agent`
Agent pid 59566

Then add your SSH private key to the ssh-agent:

$ ssh-add ~/.ssh/id_ed25519

Now check that you can authenticate with github:

$ ssh -T git@github.com
Hi [username]! You've successfully authenticated, but GitHub does not provide shell access.
If things are working you'll see the above message.

This will unfortunately need to be repeated upon each reboot. If you're using csh or tcsh as your shell you can add these two lines to your .cshrc file:

eval `ssh-agent`
ssh-add ~/.ssh/id_ed25519

If you're using bash you'd use the bash equivalents, to .bashrc.

eval "$(ssh-agent -s)"
ssh-add ~/.ssh/id_ed25519

Set Username and Email Address#

So that git knows who you are for a push, set your username:

git config --global user.name "FIRST_NAME LAST_NAME"

...and set your email address:

git config --global user.email "MY_NAME@example.com"

This isn't necessary if doing a clone on someone else's repository.

Set URL Protocol to git: Rather than http:#

From within a git-managed directory, make sure you're using the git: protocol rather than http:} to connect to git:

% git remote -v
origin	git@github.com:[username]/[path] (fetch)
origin	git@github.com:[username]/[path] (push)
If you see an http: protocol like below:
 ► git remote -v
origin	https://github.com/[username]/[path] (fetch)
origin	https://github.com/[username]/[path] (push)
you should change the connection URL to git: protocol using:
% git remote set-url origin git@github.com:[username]/[repository-path].git
In the case of the NZPRG ros, this would be:
% git remote set-url origin git@github.com:ifurusato/ros.git

Try It Out#

If all is configured correctly you should be able to do a git push without being asked for your username and password.


Tags:  Recipe