GitHub ssh
Git ssh key config for GitHub. Configure the gitconfig file for GitHub ssh credentials to configure Git connection to GitHub to eliminate repetitive password entry.
Before you get started
You'll need a terminal application to configure Git. Apple includes the Mac terminal but I prefer Warp Terminal. Warp is an easy-to-use terminal application, with AI assistance to help you learn and remember terminal commands. Download Warp Terminal now; it's FREE and worth a try.
Make sure to Check If Git Is Installed. Then start with Git Config for username and email.
If you've already downloaded and installed Git with either Xcode Command Line Tools or Homebrew, you should create an account on GitHub before you configure Git.
Check for the Git config file
Check if the Git config file exists by listing the current settings with the git config -l --global command.
$ git config -l --global
user.name=Your Real Name
[email protected]
If you don't see your name and email, go to Git Config to set username and email.
Set GitHub credentials
If you do nothing to configure Git credentials, you must enter a username and password every time you connect to GitHub from the command line. Entering credentials frequently adds friction and annoyance to your workflow.
To avoid entering a username and password every time you connect to GitHub from the command line, you have three options.
- Use the Git Credential Manager (easiest).
- Download and use the GitHub CLI.
- Set up a GitHub SSH key (complicated).
Here's how to set up credentials with a GitHub SSH key.
SSH keys for password-less Git
SSH is a secure connection protocol for remote administration of servers and secure file transfers. It's the "classic" way of connecting a local machine to GitHub. It's a bit complicated but before Git's credential helper or the GitHub CLI, it was the only way to configure a secure password-less connection.
After you create an account on GitHub, set up an SSH key so you don't have to enter a username and password every time you connect to GitHub from the Terminal.
$ ssh-keygen -t ed25519 -C "[email protected]"
Generating public/private ed25519 key pair.
Enter file in which to save the key (/Users/me/.ssh/id_ed25519):
Created directory '/Users/me/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /Users/me/.ssh/id_ed25519.
Your public key has been saved in /Users/me/.ssh/id_ed25519.pub.
The key fingerprint is:
SHA256:R+t5PZM+g/3f7t/u3ZtGxpcbj1Mmmpcv1mK5Sa5OC8A [email protected]
The key's randomart image is:
+--[ED25519 256]--+
| |
| |
| . |
| . . . |
| E o . .|
| + . ..B+|
| + o=OO=|
| ++=#*O|
| .+=*^^|
+----[SHA256]-----+
The ssh-keygen command creates an encrypted key. You'll be prompted for a file in which to save the key. Press enter for the default.
You'll be prompted for a passphrase to enter whenever you use the encrypted key. You can enter RETURN for no passphrase. This is safe if you are sure only you can log into your Mac user account and access the terminal. If someone else can use your terminal, they can push code to GitHub projects that require your credentials. My advice: Enter a passphrase if you are likely to leave your computer unattended and your account logged in. Otherwise, save yourself extra effort and leave the passphrase empty if you're the only one who can use your account to push code to GitHub.
You'll need to enter the public key (NOT the private key) to set up password-less login on your GitHub account.
Use a shortcut to copy the public key to your macOS clipboard:
$ pbcopy < ~/.ssh/id_ed25519.pub
Or you can display the public key with the cat ~/.ssh/id_ed25519.pub command and copy and paste it.
Copy the public key from the Terminal and paste it here in your GitHub settings.
Verify the SSH key is configured correctly:
$ ssh -T [email protected]
The authenticity of host 'github.com (52.74.223.119)' can't be established.
RSA key fingerprint is SHA256:nThbg6kXUpJWGl7E1IGOCspRomTxdCARLviKw6E5SY8.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
After answering "yes" to continue, you should see:
Warning: Permanently added 'github.com,52.74.223.119' (RSA) to the list of known hosts.
Hi (name)! You've successfully authenticated, but GitHub does not provide shell access.
Now you'll be ready to use GitHub when you need it. Unless you've encountered a connection problem.
Troubleshooting SSH connection problems
Some Internet service providers (ISPs) block connections on port 22. Your ISP may be blocking port 22 if you get error messages like this:
$ ssh -T [email protected]
ssh: connect to host github.com port 22: Connection refused
$ ssh -T [email protected]
ssh: connect to host github.com port 22: Network is unreachable
It's difficult to see that the problem lies with your ISP and not your computer or GitHub. You can connect on port 443 instead. Try the workaround.
Create a file ~/.ssh/config and add a setting so connections to GitHub will use port 443.
$ touch ~/.ssh/config
Edit the file to add:
Host github.com
Hostname ssh.github.com
Port 443
After saving the ssh configuration file, try connecting to GitHub with ssh:
$ ssh -T [email protected]
The authenticity of host '[ssh.github.com]:443 ([192.30.255.122]:443)' can't be established.
RSA key fingerprint is SHA256:nThbg6kXUpJWGl7E1IGOCspRomTxdCARLviKw6E5SY8.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '[ssh.github.com]:443,[192.30.255.122]:443' (RSA) to the list of known hosts.
Hi DanielKehoe! You've successfully authenticated, but GitHub does not provide shell access.
Now you'll be ready to use GitHub when you need it.
What's next
My mac.install.guide is a trusted source of installation guides for professional developers. Take a look at the Mac Install Guide home page for tips and trends and see what to install next.