Blog

How to Add an SSH Key to GitHub in 5 Minutes

/ by Ava Taylor

Securing your connection to GitHub with an SSH key is one of the most reliable ways to protect your code and streamline your workflow. Instead of entering your username and password every time you push or pull changes, SSH authentication creates a secure, encrypted channel between your machine and GitHub. This guide explains, in a clear and professional manner, how to generate an SSH key and add it to your GitHub account in just a few minutes.

TL;DR: Generating and adding an SSH key to GitHub takes about five minutes. Create a new SSH key using the command line, copy the public key, and paste it into your GitHub account under SSH and GPG keys. Test the connection to ensure everything works correctly. Once configured, you can securely push and pull without re-entering credentials.

Why Use SSH with GitHub?

Before diving into the steps, it is important to understand why SSH is recommended. SSH (Secure Shell) provides encrypted communication between your local machine and GitHub’s servers. Compared to HTTPS authentication, SSH offers:

  • Stronger security through cryptographic key pairs
  • No need to repeatedly enter credentials
  • Improved workflow efficiency for developers
  • Compatibility with automation tools and CI/CD systems

GitHub uses public-key cryptography. You generate a pair of keys: a private key that stays on your computer and a public key that you upload to GitHub. Anything encrypted with the public key can only be decrypted by the private key.

Step 1: Check for Existing SSH Keys

First, determine whether you already have an existing SSH key on your machine.

Open your terminal (macOS or Linux) or Git Bash (Windows) and run:

ls -al ~/.ssh

If you see files such as id_rsa, id_ed25519, or similar pairs ending in .pub, you may already have an SSH key. The file ending in .pub is the public key.

If no keys are present, proceed to generate a new one.

Step 2: Generate a New SSH Key

GitHub recommends using the Ed25519 algorithm for new SSH keys because it is more secure and efficient than RSA.

Run the following command, replacing the email with your GitHub account email:

ssh-keygen -t ed25519 -C "your_email@example.com"

If your system does not support Ed25519, use RSA as a fallback:

ssh-keygen -t rsa -b 4096 -C "your_email@example.com"

When prompted:

  • Press Enter to accept the default file location.
  • Enter a secure passphrase (recommended) or press Enter to skip.

This process generates two files:

  • id_ed25519 (private key — keep this secret)
  • id_ed25519.pub (public key — upload this to GitHub)

Your private key must never be shared or uploaded anywhere.

Step 3: Start the SSH Agent

The SSH agent manages your private key and keeps it available for authentication.

Start the agent with:

eval "$(ssh-agent -s)"

Add your key to the agent:

ssh-add ~/.ssh/id_ed25519

On Windows (Git Bash), the same commands typically work. If using PowerShell, ensure OpenSSH is installed and enabled.

At this stage, your system is ready to authenticate using the generated key.

Step 4: Copy the Public Key

Now you need to copy your public key so you can add it to GitHub.

To display the public key, run:

cat ~/.ssh/id_ed25519.pub

Copy the entire output. It should begin with ssh-ed25519 (or ssh-rsa) and end with your email address.

On macOS, you can copy directly to your clipboard with:

pbcopy < ~/.ssh/id_ed25519.pub

On Windows (Git Bash):

clip < ~/.ssh/id_ed25519.pub

Make sure you copy the entire line without extra spaces or line breaks.

Step 5: Add the SSH Key to GitHub

Next, log in to your GitHub account.

Follow these steps carefully:

  1. Click your profile picture in the upper-right corner.
  2. Select Settings.
  3. In the left sidebar, click SSH and GPG keys.
  4. Click the New SSH key button.
  5. Add a descriptive Title (e.g., “Work Laptop” or “Personal Desktop”).
  6. Paste the copied public key into the Key field.
  7. Click Add SSH key.

GitHub may prompt you to confirm your password or complete two-factor authentication. Once confirmed, your key will be registered.

Step 6: Test Your SSH Connection

To ensure everything works properly, test the connection.

Run:

ssh -T git@github.com

The first time you connect, you may see a message asking if you trust the host. Type yes and press Enter.

If configured correctly, you should see:

Hi username! You've successfully authenticated, but GitHub does not provide shell access.

This confirms that GitHub recognizes your SSH key.

Switch Existing Repositories to SSH

If your repositories are currently using HTTPS, you must update them to use SSH.

Check your current remote URL:

git remote -v

If it shows an HTTPS URL like:

https://github.com/username/repository.git

Change it to SSH:

git remote set-url origin git@github.com:username/repository.git

Verify the change:

git remote -v

You can now push and pull using SSH authentication.

Common Issues and Troubleshooting

Even though the setup process is straightforward, some users encounter minor issues. Here are the most common ones and how to resolve them:

  • Permission denied (publickey): Ensure your public key is correctly added to GitHub and your private key is loaded into the SSH agent.
  • Wrong key being used: Check your SSH configuration file at ~/.ssh/config.
  • Multiple GitHub accounts: Use separate SSH keys and define host aliases in your SSH config file.
  • Agent not running: Restart the SSH agent and re-add your key.

Maintaining clean key management practices is critical, especially in professional or enterprise environments.

Security Best Practices

When working with SSH keys, adhere to these industry best practices:

  • Always use a passphrase to protect your private key.
  • Never share your private key or upload it to repositories.
  • Rotate keys periodically, especially for work devices.
  • Remove unused keys from your GitHub account.
  • Use hardware-backed keys when possible for critical systems.

GitHub allows you to manage and revoke keys easily from the settings page. Regular audits of authorized keys help maintain security and compliance standards.

Conclusion

Adding an SSH key to GitHub is a simple yet powerful security enhancement that can be completed in under five minutes. By generating a secure key pair, registering the public key with GitHub, and testing your connection, you eliminate the need for repeated password authentication while strengthening the integrity of your development workflow.

SSH authentication is widely regarded as the professional standard for interacting with GitHub repositories. Whether you are an individual developer, part of a startup, or working within an enterprise environment, implementing SSH access ensures both security and efficiency. Taking a few minutes to configure it correctly today will save you time and reduce risk in the long term.

To top