How to Setup Multiple Ssh Keys for Multiple Github/Bitbucket accounts
Hi everyone,
Everytime I get a new computer (which is not that often but often enough to write this), I am “struggling” with Git configuration for the different code repository accounts I have.
And everytime I have a new computer, I can’t remember what I did a few years/months ago to set it up properly.
So that post is as much for future me than it is for present you, as you are reading it. 🤔
tl;dr
To sum up what we are going to do, we are going to create a bunch of SSH keys for our personal and professional identities on Github, Gitlab and Bitbucket and add them to the SSH-Agent.
Then we are going to configure which key must be used based on the host.
Then we are going to add the relevant keys to the corresponding service (Github, Gitlab and Bitbucket).
So we can clone, push and pull to repositories with the proper identities.
Every command to perform these actions is described below. 👨💻 ⬇️
Enjoy. 😎
Introduction
I have a personal accounts on GitHub, Bitbucket and GitLab and I have some work accounts on Github, Gitlab and Bitbucket.
How could I define everything to work properly through SSH Keys so that my system relies on the proper SSH key based on the identity it has to use.
For this particular post, we are going to connect a personal and professional identity for each accounts.
But you can add as many as you need. 😉
🔑 Keys Generation
We are going to create some default identities.
We can use the same SSH key to do that or we can use a specific key per account.
Same key : id_rsa
Specific key per account : id_rsa_github; id_rsa_bitbucket; id_rsa_gitlab
Let’s use the “ specific key per account” method. It will be clearer for everyone to understand the concept then.
Moreover we need the e-mail address that you are using for these accounts
But feel free to do whatever suits your need. 😉
👨💻 🗝️ Personal Keys Generation
✍️ Information Required
Let sum up what we need in a table
🛠️ Keys creation
Let’s run these commands to create the SSH keys.
ssh-keygen -f "~/.ssh/id_rsa_github" -t rsa -b 4096 -C "name.github@gmail.com"
ssh-keygen -f "~/.ssh/id_rsa_gitlab" -t rsa -b 4096 -C "name.gitlab@gmail.com"
ssh-keygen -f "~/.ssh/id_rsa_bitbucket" -t rsa -b 4096 -C "name.bitbucket@gmail.com"Now, we have 3 keys for our personal use.
🏢 🔑 Organization Keys Generation
✍️ Information Required
Let sum up what we need in a table
🛠️ Keys creation
Let’s run these commands to create the SSH keys.
ssh-keygen -f "~/.ssh/id_rsa_github_companyName" -t rsa -b 4096 -C "name.github@company.com"
ssh-keygen -f "~/.ssh/id_rsa_gitlab_companyName" -t rsa -b 4096 -C "name.gitlab@company.com"
ssh-keygen -f "~/.ssh/id_rsa_bitbucket_companyName" -t rsa -b 4096 -C "name.bitbucket@company.com"Now, we have 3 keys for our organisation use.
📦 Add the SSH Keys to the SSH-Agent
We have now 6 SSH keys. Let add them to the SSH-Agent.
# Add the personal keys
ssh-add ~/.ssh/id_rsa_github
ssh-add ~/.ssh/id_rsa_gitlab
ssh-add ~/.ssh/id_rsa_bitbucket# Add the organisation keys
ssh-add ~/.ssh/id_rsa_github_companyName
ssh-add ~/.ssh/id_rsa_gitlab_companyName
ssh-add ~/.ssh/id_rsa_bitbucket_companyName
So we have in the SSH-Agent the 3 keys for our personal use and the 3 keys for our organisation usage.
Now it is mandatory to set up the configuration in order to define which key has to be use depending on the context.
📝 Configuration
Open the ~/.ssh/config file or create it if it doesn't exist yet.
nano ~/.ssh/configWe are going to define some rules based on the hosts.
Host github.com
HostName github.com
IdentityFile ~/.ssh/id_rsa_githubHost gitlab.com
HostName gitlab.com
IdentityFile ~/.ssh/id_rsa_gitlabHost bitbucket.org
HostName bitbucket.org
IdentityFile ~/.ssh/id_rsa_bitbucketHost companyname.github.com
HostName github.com
IdentityFile ~/.ssh/id_rsa_github_companyNameHost companyname.gitlab.com
HostName gitlab.com
IdentityFile ~/.ssh/id_rsa_gitlab_companyNameHost companyname.bitbucket.org
HostName bitbucket.org
IdentityFile ~/.ssh/id_rsa_bitbucket_companyName
Save and close the file by hitting Ctrl+O (Ctrl+X to exit the file).
💭 Add the Keys to your Repositories Accounts
Everything is setup properly on locally. Now we have to add the SSH public keys to the services you are using.
On MacOS, it is pretty easy to copy a SSH key to the clipboard.
pbcopy < ~/.ssh/id_rsa.pub🐙 Github
Let’s login to your Github account and go to the account’s settings.
Select “SSH and GPG Keys”.
Click on the “New SSH Key” button.
1. Add the Personal SSH Key to Github :
2. Add the Organization SSH Key to Github:
🦊 Gitlab
To be added
🗑️ Bitbucket
Let’s log in to your Bitbucket account and go to the account’s settings.
Select “Bitbucket Settings” and “SSH Keys”.
Click on the “Add key” button.
1. Add the Personal SSH Key to Bitbucket :
2. Add the Organization SSH Key to Bitbucket :
👨👦 Clone Repositories
Now that we have our Setup for all our environments, we can clone repositories from Github, Gitlab or Bitbucket with the proper identity.
👨💻 Personal Repositories
So we can clone the projects using a command you should have used numerous times.
git clone git@bitbucket.org:yourPersonalAccount/pet-project.git
With that command, git is using the “default” SSH key. It is the one that was defined for the Host “Host github.com” in the file ~/.ssh/config.
Then you can pullor push to the repository with that identity.
🏢 Professional Repositories
For your organization projects, you just have to clone the project replacing bitbucket.org to companyname.bitbucket.org (as defined in the ~/.ssh/config file).
git clone git@companyname.bitbucket.org:companyName/company-project.git
So it is the proper identity that is going to be used.
You can then pullor push as many times as you want with the identity of your organization.
I hope that helps you.
Cheers 🍻
Feel free to ask me any questions in the comments below or on my Twitter account.
https://twitter.com/shostarsson
And have a look at my Youtube Channel, if you want to watch some hands-on about security, secure development and CTF.
This post was inspired by the very good job from Fredrik Andersson on Medium.
Originally published at https://dev.to on July 15, 2019.