Using multiple SSH keys with GitHub
Everything federal employees do in their work capacity is potentially subject to a Freedom of Information Act (FOIA) request. Use your personal email — or GitHub account — for work purposes, and your not-at-all-government-related communications could be exposed to the world.
That's how I ended up with two GitHub accounts. And it's also why I found myself typing "using multiple SSH keys GitHub" into Google. Why risk having to give up an SSH key that you may use in multiple places?
Luckily, this is a solved problem, and the how has everything to do with SSH configuration.
I cobbled these instructions together from a few sources, including jexchan's gist, and GitHub's documentation. I also used some trial-and-error. They assume that:
- You have a second GitHub account with a second e-mail address.
- You're using a Mac.
The process for Linux and Windows is just different enough that I can't be sure that these instructions will work as is. I tried my best to point out those differences.
Create a new SSH key for your second account
- Enter the following command at the Terminal prompt.
ssh-keygen -t rsa -b 4096 -C "email@example.com"
- Enter a path and file name for your key, for example:
/Users/yourname/.ssh/second_key_rsa. Be careful not to overwrite an existing key.
- Enter a passphrase. Without one, anyone who gets your key can copy it to another computer and use it. Choose a strong phrase.
Update your SSH configuration to specify which key to use for which account
Edit your SSH configuration file at
~./ssh/config. Create it if it doesn't exist.
# First account Host github.com-first_user_name HostName github.com PreferredAuthentications publickey IdentityFile ~/.ssh/first_key_rsa IdentitiesOnly yes # Second account Host github.com-second_user_name HostName github.com PreferredAuthentications publickey IdentityFile ~/.ssh/second_key_rsa IdentitiesOnly yes
Add the new key to ssh-agent
Windows and Linux users should be able to run
ssh-add ~/.ssh/second_key_rsa, and skip to the next step.
Mac users have to do a little more work.
Add the following lines to
Host * AddKeysToAgent yes UseKeychain yes
ssh-add -K ~/.ssh/second_key_rsato add your key to
ssh-agent. I'm not 100% sure whether this second step is required.
Set the origin and user of your local repo's .git/config file
Add the following lines to
[remote "origin"] url = firstname.lastname@example.org_user_name:org-name-if-applicable/reponame.git fetch = +refs/heads/*:refs/remotes/origin/* [user] email = email@example.com
Add the new public key file to GitHub
- Go to the Settings page for your GitHub account.
- On the SSH and GPG keys, click New SSH Key.
- Copy the contents of
~/.ssh/second_key_rsa.pubto your clipboard.
- Paste it in the Key box, and save it by clicking the Add SSH Key button.
Very important caveat
Keep in mind that multiple free accounts violates GitHub's terms of service. Since my non-government work account was a paid account, this wasn't an issue for me.