Reputation: 16558
Use different SSH keys for different accounts on the same Git hosting
This question would be simple if I ask it as a use case. I have two SSH keys on my computer
- personal_id_rsa
- company_id_rsa
And I have two different user accounts on bitbucket.org. One of them is my personal account and the other is my company account. I have N number of repositories on my PC as well. Some of them has to be linked with my personal account and some other repos with the company account. There is no repositories that has to be linked to both the accounts. I have set the Identityfile inside the ~/.ssh/config to something like below.
Host *.bitbucket.org
IdentityFile ~/.ssh/company_id_rsa
And whenever I want to push something to my personal repos, I change the config file to something like below.
Host *.bitbucket.org
IdentityFile ~/.ssh/personal_id_rsa
And now, it becomes quite an inconvenience to edit the file whenever I want to make a git push. I was just thinking if I could just pickup one of the keys on the fly, when I push, it would have been a lot easier. Is there any way to do so?
I came across this question which explains a similar use case, but that is not the exact use case here.
Upvotes: 5
Views: 4520
Answers (4)
Reputation: 1042
If the name of the host is the same, your git config file should look something like this:
# Set up SSH keys for personal and work projects
Host gitlab.com
HostName gitlab.com
User git
AddKeysToAgent yes
IdentitiesOnly yes
# Personal projects
Match User [email protected]
IdentityFile ~/.ssh/id_ed25519
# Work projects
Match User [email protected]
IdentityFile ~/.ssh/id_rsa
Just change your email and host. Also, I have 2 ssh key pairs created with 2 different algorithms, but you don't have to.
Upvotes: 0
Reputation: 16558
SOLUTION
I'm keeping the other answer as accepted, because that pointed me to the correct solution, here. I removed all the existing keys from my machine and created two completely new ones, namely personalid and companyid.
$ ssh-keygen -f ~/.ssh/personalid -C "My Personal SSH Key"
$ ssh-keygen -f ~/.ssh/companyid -C "My Company SSH Key"
And after that, added both to appropriate accounts on bitbucket. Then I created the following SSH config file and everything works like a charm. Since I don't have any repositories that has to be pushed to both the company and the personal accounts, this solution requires no additional hacks to make it working.
Host github.com
HostName github.com
PreferredAuthentications publickey
IdentityFile ~/.ssh/personalid
Host company
HostName bitbucket.org
IdentityFile ~/.ssh/companyid
Host personal
HostName bitbucket.org
IdentityFile ~/.ssh/personalid
And when pushing, do it normally as you do, git push <your stuff> and it will pick the appropriate key which is uploaded on bitbucket.
Upvotes: 2
Reputation: 1937
You can add two Bitbucket "accounts" in your ssh config file. Bitbucket has alternative ssh host listening on port 443 (For those who has blocked almost all ports (sic!)).
Host bitbucketCompany
User git
HostName altssh.bitbucket.org
Port 443
IdentityFile ~/.ssh/company_id_rsa
Host bitbucketWork
User git
HostName bitbucket.org
Port 22
IdentityFile ~/.ssh/personal_id_rsa
Then update your remotes in .git/config
Company projects
[remote "origin"]
url = ssh://bitbucketCompany/username/repo.git
Personal projects
[remote "origin"]
url = ssh://bitbucketPersonal/username/repo.git
Upvotes: 11
Reputation: 55443
Two ways.
Git consults the environment variable
GIT_SSHto know which SSH client to use. If it's not set, it reverts to its built-in default (it's justsshorssh.exe, depending on the platform, IIRC), so you can do this:$ cat >~/bin/bb-priv-ssh #!/bin/sh /usr/bin/ssh -i /path/to/my/private/ssh/key ^D $ chmod +x $_ $ cat >~/bin/bb-corp-ssh #!/bin/sh /usr/bin/ssh -i /path/to/my/corporate/ssh/key ^D $ chmod +x $_Now you'll be able to do this
$ GIT_SSH=~/bin/bb-priv-ssh git push $ GIT_SSH=~/bin/bb-corp-ssh git pushor just
$ export GIT_SSH=~/bin/bb-priv-sshbefore opening a session in which you do your private work; "corporate settion" would be set up like this with the obvious adjustment.
Note that you can't just use
GIT_SSH='/usr/bin/ssh -i /path/to/a/key/file'as Git expects this variable to contain just a pathname. I'm lazy to google at the moment for relevantcomp.lang.version-control.gitarticles on this — please do this yourself if needed.Start using the SSH key agent. You can then add to it both keys, and it will attempt to use both of them when authenticating — one will fail, and the other one succeed. This makes the login process longer for an unfortunate host (one more round of authentication round-trips) but in this case, I reckon, it's a reasonable price to pay for convenience.
Upvotes: 2
Related Questions
- SSH Key Managment for Multiple Git Accounts
- How to maintain multiple bitbucket accounts with multiple ssh keys in the same system
- What is the correct way to add SSH keys for multiple accounts on a single machine?
- Configure multiple SSH Keys for same user on same host (bitbucket)
- How to properly configure ssh keys to multiple remote accounts involving github and bitbucket?
- Multiple bitbucket accounts
- Different git config user and ssh keys, how do I make git pull work?
- git/ssh config: how to manage multiple usernames
- Multiple Bitbucket SSH accounts on same machine
- Bitbucket different keys and accounts