How to Use SSH with GitHub (Instead of HTTPS) on Windows WSL
Instead of using
HTTPS to access our repositories on GitHub, we can use
HTTPS is Universally Accessible. GitHub repositories are generally more universally accessible through
SSH. It only requires account credentials (username, password, etc.) to perform writes to the repository. There’s no setup required.
HTTPS is also a port open on all firewalls, unlike
SSH, which may be blocked by a firewall (although,
SSH can be tunneled over
HTTPS if blocked)
SSH is “Secure”.
SSH keys allow GitHub to identify trusted computers, without using passwords. If my account credentials are stolen by an attacker, then my password can be changed to block access to my repositories. But if my private key were to be stolen, there’s much less an attacker can do. They could force push to a repostory, or even change the history, but that’s much more recoverable. GitHub will also automatically remove
SSH keys that have been inactive for a year.
I always use a different, new
SSH key for each machine I’m working on (both physical and virtual). If one key is compromised, then it’s only compromised on that machine. I can log in from another machine and delete that key manually.
1. Obtain an
Check for an existing key
The first thing to do is to see if there is an existing
SSH key that we can use.
ls -al ~/.ssh
SSH key already exists, we’ll likely see one or more of the following files:
id_rsa.pub id_ecdsa.pub id_ed25519.pub
If these files don’t exist, we’ll generate a new key. If they do, we can directly add the key to
ssh-agent (if we haven’t already) and then to our GitHub account.
Generate a new key
We’ll run the following, replacing
firstname.lastname@example.org with your GitHub account email.
ssh-keygen -t ed25519 -C "email@example.com"
When prompted to enter the file location, just press
Enter to use the default file location.
When prompted to type a passphrase, type in a secure passphrase to add an extra layer of security to this process.
2. Add key to
We’ll want to add our key to the
ssh-agent in order to manage multiple, custom-named keys.
Any attempt to authenticate to a server will require us to use our private key to prove that we are who we say we are.
Since we used a passphrase to protect our private keys, each attempt will also require us to enter this passphrase, which can get tedious. This
ssh-agent will cache our key and allow us to enter the passphrase only once (at the start of our session).
If we are routinely using
SSH to access a variety of machines, each with their own private keys and passphrases,
ssh-agent will allow us to use multiple keys very easily. It tries every available key in the key agent.
eval "$(ssh-agent -s)" ssh-add ~/.ssh/id_ed25519
These commands will start the
ssh-agent in the background, and then add our private key to the
3. Add key to GitHub account
First, we need to copy the public key to our clipboard.
On Windows, we can use
cat piped with
clip (or just use
cat and copy directly from the terminal).
cat ~/.ssh/id_ed25519.pub | clip
Now, we want to head over to our GitHub Key Settings page.
This will bring us to
SSH and GPG keys.
New SSH key.
Title, specify the machine you are on (
Personal Thinkpad WSL).
Key, paste in the key.
4. Test SSH connection
Let’s verify our setup.
ssh -T firstname.lastname@example.org
When prompted to verify the authenticity of host
github.com, verify that the
RSA key fingerprint matches our key, and then type in
If we don’t get a
Permission denied (publickey) error, then we’re all ready to go. Otherwise, we should go look through some troubleshooting docs.
More CLI Articles
- How to Reset a Local Branch to the Remote Branch in Git
- How to Pull a Remote Branch in Git
- How to Install Powerline in WSL2 Terminal
- How to Zip and Unzip Files in WSL2
- How to List All Git Aliases
- How to Add, Commit, and Push in One Git Command
- How to Replace a Local Branch with a Remote Branch in Git
- How to Revert a Specific File or Folder in Git
- How to Install Hugo on WSL2
- How to Install Node.js and npm on WSL2
- How to Revert to a Previous Commit in Git without Modifying History
- How to Merge a Branch Into Another Branch in Git
- How to Fix "xcrun error invalid active developer path" with Git on macOS
- How to Update Node to Another Version on Windows WSL
- How to Delete Files with a Specific Extension in all Subdirectories Recursively
- How to Suppress Output of npm install
- How to Pass Environment Variables to Makefiles in Subdirectories
- How to Access Environment Variables in a Makefile
- How to Reset Password on Ubuntu Linux
- How to Pull a Branch from Another User's Fork using Git
- How to Align GitHub README images in Markdown
- How to Merge Development and Production Branches in Git
- How to Quickly Push to Git with a Bash Script
- How to Change Author of Commit in Git History
- WSL2: How to Fix "Virtual hard disk files must be uncompressed and unencrypted and must not be sparse"
- How to Replace a Branch with Another Branch in Git
- How to Delete a Git Branch Locally and Remotely
- How to Schedule Recurring Deploys in Netlify
- How to View All Global Packages in npm
- How to Test an npm package locally
- How to Update an npm Package (Fixing "You cannot publish over the previously published versions")
- How to Undo Changes in a Single File in Git
- How to Fix the Netlify error: "Treating warnings as errors because process.env.CI = true"
- How to Set the Default Directory for Git Bash on Windows
- How to Search Past Terminal Commands in Linux
- How to Get the Count of Files with each File Extension in Linux
- How to Find All Files with a Specific File Extension in Linux
- How to Run Multiple Commands Simultaneously in Linux
- How to Watch a File in Linux using tail
- Linux Timestamps: The Difference Between atime, mtime, ctime, and crtime
- How To Remove Duplicate Lines While Maintaining Order in Linux
- How To Count the Number of Non-Empty Output Lines in Linux
- How To Find All IP Addresses within a File in Linux with grep
- How To Rename Every File in all Subdirectories in Windows CMD