bash - How to specify the private SSH-key to use when executing shell command on Git?

ID : 794

viewed : 122

Tags : gitbashshellsshgit

Top 5 Answer for bash - How to specify the private SSH-key to use when executing shell command on Git?

vote vote

98

None of these solutions worked for me.

Instead, I elaborate on @Martin v. Löwis 's mention of setting a config file for SSH.

SSH will look for the user's ~/.ssh/config file. I have mine setup as:

Host gitserv     Hostname remote.server.com     IdentityFile ~/.ssh/id_rsa.github     IdentitiesOnly yes # see NOTES below 

And I add a remote git repository:

git remote add origin git@gitserv:myrepo.git 

And then git commands work normally for me.

git push -v origin master 

NOTES

  • The IdentitiesOnly yes is required to prevent the SSH default behavior of sending the identity file matching the default filename for each protocol. If you have a file named ~/.ssh/id_rsa that will get tried BEFORE your ~/.ssh/id_rsa.github without this option.

References

vote vote

87

Something like this should work (suggested by orip):

ssh-agent bash -c 'ssh-add /somewhere/yourkey; git clone git@github.com:user/project.git' 

if you prefer subshells, you could try the following (though it is more fragile):

ssh-agent $(ssh-add /somewhere/yourkey; git clone git@github.com:user/project.git) 

Git will invoke SSH which will find its agent by environment variable; this will, in turn, have the key loaded.

Alternatively, setting HOME may also do the trick, provided you are willing to setup a directory that contains only a .ssh directory as HOME; this may either contain an identity.pub, or a config file setting IdentityFile.

vote vote

71

Starting from Git 2.3.0 we also have the simple command (no config file needed):

GIT_SSH_COMMAND='ssh -i private_key_file -o IdentitiesOnly=yes' git clone user@host:repo.git 

Note the -o IdentitiesOnly=yes is required to prevent the SSH default behavior of sending the identity file matching the default filename for each protocol as noted in the answer above.

vote vote

70

Other people's suggestions about ~/.ssh/config are extra complicated. It can be as simple as:

Host github.com   IdentityFile ~/.ssh/github_rsa 
vote vote

60

With git 2.10+ (Q3 2016: released Sept. 2d, 2016), you have the possibility to set a config for GIT_SSH_COMMAND (and not just an environment variable as described in Rober Jack Will's answer)

See commit 3c8ede3 (26 Jun 2016) by Nguyễn Thái Ngọc Duy (pclouds).
(Merged by Junio C Hamano -- gitster -- in commit dc21164, 19 Jul 2016)

A new configuration variable core.sshCommand has been added to specify what value for GIT_SSH_COMMAND to use per repository.

core.sshCommand: 

If this variable is set, git fetch and git push will use the specified command instead of ssh when they need to connect to a remote system.
The command is in the same form as the GIT_SSH_COMMAND environment variable and is overridden when the environment variable is set.

It means the git pull can be:

cd /path/to/my/repo/already/cloned git config core.sshCommand 'ssh -i private_key_file'  # later on git pull 

You can even set it for just one command like git clone:

git -c core.sshCommand="ssh -i private_key_file" clone host:repo.git 

This is easier than setting a GIT_SSH_COMMAND environment variable, which, on Windows, as noted by Mátyás Kuti-Kreszács, would be

set "GIT_SSH_COMMAND=ssh -i private_key_file" 

Top 3 video Explaining bash - How to specify the private SSH-key to use when executing shell command on Git?

Related QUESTION?