In this article, in addition to the content of the title, explanations about various settings will also be included in order to deepen the basic understanding of ~/.ssh/config. Although GitHub is used as an example, settings for ~/.ssh/config that can also be used when connecting to Bitbucket, GitLab, and Git servers are described.
言語切り替え
TECH
BLOG
How to write ~/.ssh/config when connecting to GitHub
2020
年
11
月
How to write ~/.ssh/config
If your SSH key is unregistered Official site instructions Follow the instructions to generate and register the key in advance.
First, let's take a look at the ~/.ssh/config settings to connect to GitHub. It is assumed that the SSH key used for authentication on GitHub has already been registered and the private key is placed in ~/.ssh/github.
~/.ssh/config
Host GitHub.com
identityFile ~/.ssh/github
User git
The various settings in ~/.ssh/config are as follows.
Item Description Host Specify the host name Specify the secret key to be used when connecting to the IdentityFile User specify the username when connecting
By performing the settings, when connecting to GitHub.com via SSH, git will be specified as the username, and an SSH connection will be attempted using the private key that exists in ~/.ssh/github.
Immediately, I'll try git cloning an appropriate private repository in order to check if the authentication has passed correctly when connecting to GitHub.com.
Execution result of git cloning a private repository (successful). If you can confirm that you can successfully git clone, it's a success.
I want to use different private keys depending on the connection destination
There is no problem when authenticating using the same private key all the time on GitHub, but for example, I think there are cases where GitHub accounts are used separately for private use and work use, and you want to use different private keys depending on the repository location.
In that case It can be handled by changing the ~/.ssh/config settings and the connection information to the git remote repository.
For example, let's say you have a private GitHub account A and a work GitHub account B. At that time, the settings for using A's private key when GitHub-A is the host and B's private key when GitHub-B is the host are as follows.
~/.ssh/config
# Connection settings for use with a private GitHub account
Host GitHub-A
Hostname GitHub.com
identityFile ~/.ssh/GitHub-A
User git
# Connection settings for use with a work GitHub account
Host GitHub-b
Hostname GitHub.com
identityfile ~/.ssh/GitHub-b
User git
A new item called hostName has been set. HostName specifies the connection destination.If nothing is specified for HostName, the value is set to the same value as Host.
Since I want to switch accounts for the same connection destination this time, Host is a value that can identify the account (ex: GitHub-a, GitHub-b, etc.) The settings were divided for each account by explicitly specifying the connection destination GitHub.com as the hostname.
Next, change git's connection information to the remote repository.
If User is specified in ~/.ssh/config, the user is automatically set when connecting to that host, so there is no problem even if git, which is the username, is removed from the connection URL.
# Current remote repository URL
Git remote -v
origin git@github.com: nikaera/private-repository.git (fetch)
origin git@github.com: nikaera/private-repository.git (push)
# Remote Repository URL
# git@github.com: from nikaera/private-repository.git
# GitHub-A: change to nikaera/private-repository.git
# (the git username has been removed from the change destination)
git remote set-url origin GitHub-A: nikaera/private-repository.git
# Newly set remote repository URL
Git remote -v
origin GitHub-A: nikaera/private-repository.git (fetch)
origin GitHub-A: nikaera/private-repository.git (push)
In this state, try executing the git ls-remote origin command in the private repository that was git cloned earlier, and if the results can be obtained normally, the settings are correct.
Then try connecting using B's account information.
# Current remote repository URL
Git remote -v
origin GitHub-A: nikaera/private-repository.git (fetch)
origin GitHub-A: nikaera/private-repository.git (push)
# Remote repository URL from GitHub-A:nikaera/private-repository.git
# GitHub-b: change to nikaera/private-repository.git
git remote set-url origin GitHub-b: nikaera/private-repository.git
# Newly set remote repository URL
Git remote -v
origin GitHub-b: nikaera/private-repository.git (fetch)
origin GitHub-b: nikaera/private-repository.git (push)
B does not have permission to read the private repository mentioned above, and if you try running the git ls-remote origin command, it should fail.
Now, all you have to do is rewrite the Git remote repository URL once, and you can set up GitHub authentication with an appropriate private key for each.
Simply as configuration information when connecting to a Git server via SSH, there is no problem if you keep the above items in check. However, there are other items that should be set, and in some cases, items that need to be set.
Basically, the items you should set
Other items that should be set are as follows.
~/.ssh/config
Host GitHub.com
identityFile ~/.ssh/github
User git
identitiesOnly yes # Attempt authentication only with the private key specified in identityFile
Compression yes # compress when transferring files with Git
Boolean (yes or no) compression that specifies whether to perform authentication only with the key file specified in the item description type IdentitiesOnlyIdentityFile Boolean (yes or no) that specifies whether to perform compression transfer
If authentication passes with a file other than the one specified in identityFile, there is a possibility that authentication has not passed properly with the intended account.
Therefore,Unless you have a specific reason, you should set identitiesOnly to yes.
If identitiesOnly is set to no ssh-add Authentication will also be attempted from among the keys registered in
We also recommend setting Compression to yes.This is because in projects where programming is being performed, the number of text files should account for the majority, so it is expected that the speed of file transfer will improve if compression transfer is enabled.
However, Compression has uploaded a single large file, etc.Note that in the case of a project containing files with poor compression efficiency, the transfer speed may drop in reverse.
Items that need to be set depending on the connection destination
The following items are likely to need to be set according to the connection destination.
~/.ssh/config
Host GitHub.com
identityFile ~/.ssh/github
User git
Port 12345 # Specify when the destination port is other than 22
Item description type PortSSH number to set the port number for connection (ex: 22, 22222, etc.)
For example, when connecting to a Git repository prepared by yourself, the SSH port may not be the well known port 22 due to security reasons, etc. In that case, it will be necessary to set the port number at the time of connection to an appropriate value by explicitly specifying Port.
concluding
This time, I wrote about how to set ~/.ssh/config based on an example when connecting SSH to GitHub. Although the Host is set with ~/.ssh/config, there were few articles that clearly stated that there are cases where the Git remote repository URL should be changed accordingly, so I wrote it.
Also, in this article, we focused on setting ~/.ssh/config when connecting to Git, but there are also items such as ~/.ssh/config that are good to set when working with an SSH connection to a server.
If you understand the various settings in ~/.ssh/config, you can reduce the cost of frequently executed commands, which is convenient. particularly @oohira Mr.'s This article It was very helpful.
Reference links
RELATED PROJECT
No items found.