🤩 New Cool Developer Tools for you. Explore →
FREE JavaScript Video Series Start Learning →
FLAT 75% OFF All Interactive courses at flat ₹250 / $3.25 only. HURRRRRY!! Explore now
  Signup/Sign In
Tests
MCQs to test your knowledge.
Forum
Engage with the community.
Compilers
Compilers to execute code in browser.
← Back to Questions
Ask Question
Not satisfied by the Answer? Still looking for a better solution?
Ask Question

How to tell git which private key to use?

ssh has the -i option to tell which private key file to use when authenticating:

-i identity_file

Selects a file from which the identity (private key) for RSA or DSA authentication is read.? The default is ~/.ssh/identity for protocol version 1, and ~/.ssh/id_rsa and ~/.ssh/id_dsa for protocol version 2.? Identity files may also be specified on a per-host basis in the configuration file. It is possible to have multiple -i options (and multiple identities specified in configuration files).

Is there a similar way to tell git which private key file to use on a system with multiple private keys in the ~/.ssh directory?
authentication git ssh
by

3 Answers

espadacoder11
In ~/.ssh/config, add:


Host github.com

 HostName github.com

 IdentityFile ~/.ssh/id_rsa_github

If the config file is new, you might need to do chmod 600 ~/.ssh/config

Now you can do git clone git@github.com:{ORG_NAME}/{REPO_NAME}.git

Where {ORG_NAME} is your GitHub user account (or organization account)'s GitHub URI name.
Note that there is a colon : after github.com instead of the slash / - as this is not a URI.
And {REPO_NAME} is your GitHub repo's URI name
For example, for the Linux kernel this would be git clone git@github.com:torvalds/linux.git).
NOTE: On Linux and macOS, verify that the permissions on your IdentityFile are 400. SSH will reject, in a not clearly explicit manner, SSH keys that are too readable. It will just look like a credential rejection. The solution, in this case, is:


chmod 400 ~/.ssh/id_rsa_github
RoliMishra
Environment variable 
GIT_SSH_COMMAND:

From Git version 2.3.0, you can use the environment variable 
GIT_SSH_COMMAND
like this:

GIT_SSH_COMMAND="ssh -i ~/.ssh/id_rsa_example" git clone example

Note that -i can sometimes be overridden by your config file, in which case, you should give SSH an empty config file, like this:

GIT_SSH_COMMAND="ssh -i ~/.ssh/id_rsa_example -F /dev/null" git clone example

Configuration 
core.sshCommand:

From Git version 2.10.0, you can configure this per repo or globally, so you don't have to set the environment variable any more!

git config core.sshCommand "ssh -i ~/.ssh/id_rsa_example -F /dev/null"

git pull

git push
pankajshivnani123
There is no direct way to tell git which private key to use, because it relies on ssh for repository authentication. However, there are still a few ways to achieve your goal:

Option 1: ssh-agent
You can use ssh-agent to temporarily authorize your private key.

For example:

$ ssh-agent sh -c 'ssh-add ~/.ssh/id_rsa; git fetch user@host'


Option 2: GIT_SSH_COMMAND
Pass the ssh arguments by using the GIT_SSH_COMMAND environment variable (Git 2.3.0+).

For example:

$ GIT_SSH_COMMAND='ssh -i ~/.ssh/id_rsa -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no' \

  git clone user@host

You can type this all on one line — ignore $ and leave out the \.

Option 3: GIT_SSH
Pass the ssh arguments by using the GIT_SSH environment variable to specify alternate ssh binary.

For example:


$ echo 'ssh -i ~/.ssh/id_rsa -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no $*' > ssh

$ chmod +x ssh

$ GIT_TRACE=1 GIT_SSH='./ssh' git clone user@host

Note: The above lines are shell (terminal) command lines which you should paste into your terminal. They will create a file named ssh, make it executable, and (indirectly) execute it.

Note: GIT_SSH is available since v0.99.4 (2005).

Option 4: ~/.ssh/config
Use the ~/.ssh/config file as suggested in other answers in order to specify the location of your private key, e.g.

Host github.com

  User git

  Hostname github.com

  IdentityFile ~/.ssh/id_rsa

Login / Signup to Answer the Question.

LoginSignup