SSH Keys

SSH keys are used for proving that you are who you say you are and are used instead of passwords for SSHing into different machines (and so also used pushing and pulling from repositories).

These work by using a public and private key. You store the private key on your computer and sign messages with this (so basically encrypts it). Then another computer will use the public key to decrypt and so validate that you and only you could have encrypted the message.

Creating a Key

GitHub also has great documentation on creating a key here

• Open a terminal ( Windows terminal, Powershell or cmd on Windows)

• Run ssh-keygen -t ed25519 -b 4096

  Note

  This creates a public and private key pair in your .ssh folder using ed25519 encryption and 4096 bit long key. If you wish you can change the encryption type by replacing ed25519 with something else e.g. rsa (which is for legacy systems)

  • Accept all the defaults
  • You may be asked for a password. It is good practice to set one. This encrypts the private key with this password and so you will have to type in the password when trying to SSH into another machine for the first time in your current session. (So remember it or write it in a password manager)

• This should save a private and public key in .ssh in your home directory. Private key ~/.ssh/id_rsa and public key ~/.ssh/id_rsa.pub.

  On windows we recommend navigating to this directory and check “show hidden files” and “show file extensions” - look it up if its not obvious (which it is not). You should be able to tell the difference between id_rsa and id_rsa.pub. Windows will think the .pub is a publisher file (it is not) and so open it with notepad.

You can then use this public key in locations such as “SSH keys” in GitLab and GitHub for security.