Private repo on github: how to push using a SSH deploy key

On github you can use a deploy key at a time for user associating github.com to a private key configured in .ssh/config file.

  1. Create a new user on system (e.g. userperrepo)
  2. Generate a public / private pair following github howto (e.g. /home/userperrepo/.ssh/id_ecdsa_github)
  3. Associate the key with the repo on github
  4. Add or change config file on the system to associate git@github.com with this private key

For example create a file named /home/userperrepo/.ssh/id_ecdsa_github with this content:

Host github.com
  Hostname github.com
  User git
  IdentityFile /home/userperrepo/.ssh/id_ecdsa_github

Since for a github constraint a single deploy key cannot be used more than one time, you have to create a different user per repo to use git pull / push on private repo via ssh without any other configuration or command.

For any user created for deploy, specify git essentials:

git config --global user.name "yourgithubname"
git config --global user.email "youremail@example.com"

In theory, you can chain multiple Host github.com sections with different keys and the first working will be used. Practically, this is slow and error-prone so it’s better to use a different user per repo or try a different method.

Then you can pull and push from a private repo with a deploy key without any other commands.

If you want a single user to use multiple keys, you can follow this howto. But keep in mind that you can use this method using a docker container or a similar technology for a smoother deploy.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.