SSH and it's use in GitHub
01 Mar 2017 by pragyan“Privacy is Security, Security is Victory”
What is SSH
Secure Shell (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. SSH provides a secure channel over an unsecured network in a client-server architecture, connecting an SSH client application with an SSH server. Common applications include remote command-line login and remote command execution, but any network service can be secured with SSH.
How does it works
To use a manually generated public-private key pair to perform the authentication, allowing users or programs to log in without having to specify a password. In this scenario, anyone can produce a matching pair of different keys (public and private). The public key is placed on all computers that must allow access to the owner of the matching private key (the owner keeps the private key secret). While authentication is based on the private key, the key itself is never transferred through the network during authentication. SSH only verifies whether the same person offering the public key also owns the matching private key. In all versions of SSH it is important to verify unknown public keys, i.e. associate the public keys with identities, before accepting them as valid. Accepting an attacker’s public key without validation will authorize an unauthorized attacker as a valid user.
How to use
- Linux has native support for SSH, while Windows doesn’t. Ref
- Git Bash by default contains SSH package.Download
- Navigate to
user/.ssh/
in Windowshome/.ssh/
in Linux
to list all the key-pair present in your machine. Only the file named
id_rsa
will be considered in bash - Every key has a public counter-part, filename ending with
.pub
.
How to create a new key
$ ssh-keygen -t rsa -C "your_email@example.com"
The file will be stored in afforesaid directory along with the fingerprint.
Note: The key-pair will create effect only if both of them are renamed as id_rsa
and id_rsa.pub
respectively.
How to deploy keys in GitHub
- Copy the content of the file id_rsa.pub
- Move to the Settings option in right-top corner of the page
- In the user settings sidebar, click SSH and GPG keys.
- Click New SSH key or Add SSH key.
- Specify the Title according to your machine/workspace and paste the content in Key field.
- Click Add SSH key.
- If prompted, confirm your GitHub password.