Chapter 20: Git GitHub Add SSH
What is Git + GitHub + Add SSH? (or in other words: how and why do we add SSH authentication so that Git + GitHub work smoothly and securely without asking for password every single time we push or pull)
I’m going to explain this exactly like I’m sitting next to you helping you set it up on your laptop for the first time — step by step, with real commands, real outputs you will see, why each step matters, common mistakes, and what to do if something goes wrong in 2026.
First — Quick Why (Why do we even need SSH for GitHub?)
When you do git push or git pull you have two main choices how your computer proves to GitHub “yes, this is really Webliance”:
| Method | How you prove identity | Ask password every time? | Scoped to git only? | Most common in 2026 for daily use |
|---|---|---|---|---|
| HTTPS | Personal Access Token (PAT) – long random string | Usually yes (unless cached) | No – full account access | Beginners, occasional push |
| SSH | Cryptographic key pair (public key on GitHub) | No after setup (or only passphrase once per session) | Yes – only git read/write | Almost every developer who pushes daily |
SSH advantages in 2026:
- No typing PAT 20 times a day
- Key can only read/write repos (cannot change your profile, delete account, access billing…)
- More modern & secure key types available (ed25519)
- Works great with GitHub Actions, CI/CD, multiple machines
So let’s set it up properly — the way most professionals do it in 2026.
Step-by-step: Add SSH to Git + GitHub (2026 best practice)
Step 1 – Check if you already have good SSH keys
Open terminal / Git Bash:
|
0 1 2 3 4 5 6 |
ls -al ~/.ssh |
Common good modern keys look like:
|
0 1 2 3 4 5 6 7 |
id_ed25519 ← private key (keep secret!) id_ed25519.pub ← public key (safe to share) |
If you see id_rsa (old RSA) → better to create a new stronger one. If nothing → perfect, we’ll make one.
Step 2 – Generate a modern SSH key (ed25519 – recommended in 2026)
|
0 1 2 3 4 5 6 |
ssh-keygen -t ed25519 -C "webliance@example.com" |
What happens:
- -t ed25519 → best algorithm right now (fast, small, very secure, post-quantum resistant enough for 2026)
- -C → comment (helps you remember which key is which later)
Press Enter for default location (/home/webliance/.ssh/id_ed25519 or C:\Users\Webliance\.ssh\id_ed25519)
Important: When it asks for passphrase → add a strong one (12–20 characters, mix letters/numbers/symbols) → This protects your key if someone steals your laptop.
You will see cool randomart picture (just press enter, it’s decorative).
Step 3 – Start SSH agent & add your new key
(so it remembers your passphrase during the session)
Windows / Git Bash / Linux / macOS:
|
0 1 2 3 4 5 6 7 8 9 10 |
# Start the agent eval "$(ssh-agent -s)" # Add your private key (will ask passphrase once) ssh-add ~/.ssh/id_ed25519 |
You should see:
|
0 1 2 3 4 5 6 |
Identity added: /home/webliance/.ssh/id_ed25519 (webliance@example.com) |
Step 4 – Copy your public key to clipboard
Windows (Git Bash):
|
0 1 2 3 4 5 6 |
clip < ~/.ssh/id_ed25519.pub |
macOS:
|
0 1 2 3 4 5 6 |
pbcopy < ~/.ssh/id_ed25519.pub |
Linux (install xclip if needed: sudo apt install xclip):
|
0 1 2 3 4 5 6 |
xclip -sel clip < ~/.ssh/id_ed25519.pub |
Or just open and copy manually:
|
0 1 2 3 4 5 6 |
cat ~/.ssh/id_ed25519.pub |
→ Copy everything (starts with ssh-ed25519 AAAAC3NzaC1lZDI1NTE5… webliance@example.com)
Step 5 – Add the public key to your GitHub account
- Go to github.com → log in
- Top-right → your profile picture → Settings
- Left menu → SSH and GPG keys
- Green button → New SSH key or Add SSH key
- Title: something clear like “Dell Laptop – Hyderabad 2026 – ed25519”
- Key type: Authentication Key (default)
- Paste the entire public key into the big box
- Click Add SSH key
Done! 🎉 Your laptop can now talk to GitHub without password.
Step 6 – Test the connection
|
0 1 2 3 4 5 6 |
ssh -T git@github.com |
You should see exactly this (green success):
|
0 1 2 3 4 5 6 |
Hi Webliance! You've successfully authenticated, but GitHub does not provide shell access. |
If you see “Permission denied (publickey)” → something wrong (key not added, wrong file, agent not running).
Step 7 – Switch your repository to use SSH instead of HTTPS
Check current remote:
|
0 1 2 3 4 5 6 |
git remote -v |
If you see:
|
0 1 2 3 4 5 6 7 |
origin https://github.com/Webliance/my-todo-app.git (fetch) origin https://github.com/Webliance/my-todo-app.git (push) |
Change to SSH:
|
0 1 2 3 4 5 6 |
git remote set-url origin git@github.com:Webliance/my-todo-app.git |
Verify:
|
0 1 2 3 4 5 6 |
git remote -v |
Now:
|
0 1 2 3 4 5 6 7 |
origin git@github.com:Webliance/my-todo-app.git (fetch) origin git@github.com:Webliance/my-todo-app.git (push) |
Try it:
|
0 1 2 3 4 5 6 7 |
git fetch git push |
→ No password/PAT asked anymore! (only passphrase if you set one and agent asks)
Quick Daily Flow After Setup
|
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 |
# Morning git switch main git pull # works without password! # Work git switch -c feat/add-search # ... code ... git add . git commit -m "feat: add search bar" git push -u origin feat/add-search |
Common Problems & Fixes (2026 edition)
| What you see | Most likely reason & fix |
|---|---|
| Permission denied (publickey) | Public key not added to GitHub OR wrong private key file → double-check ssh -T git@github.com |
| Passphrase asked every terminal | Forgot to run ssh-add → add it to startup or use ssh-add each session |
| “Bad owner or permissions” | Private key file permissions too open → run chmod 600 ~/.ssh/id_ed25519 |
| Corporate firewall blocks port 22 | Use HTTPS fallback or ask IT to allow SSH (port 22) |
| Old RSA key stopped working | GitHub deprecated weak RSA → generate new ed25519 key |
Got it? SSH = passwordless, scoped, daily-friendly authentication for Git + GitHub once set up properly.
Next class?
- Want to configure multiple GitHub accounts (personal + work) with SSH config?
- How to use Deploy Keys for CI/CD?
- Or back to merge conflicts / workflows?
Just say — we’ll keep going step by step. You’re doing really well! 🚀
